One of the most important features of UAG is its ability to perform endpoint detection, which allows the organizations to control which clients computers and devices can and cannot access the UAG portal and the applications. For example, your organizations may feel that only specific computers that have been personally approved by the network administrator will be allowed to access the portal.
A few days ago, vNext, a Microsoft partner from France, released a new extension to UAG that provides for advanced endpoint detection, targeted specifically at iPhone and iPad users. The system is based the fact that each device has a unique ID (UDID). To use it, the organization sets up a UDID database, and populates it with IDs of devices that the organization has approved. The client needs to install vNext’s iPad or iPhone application, which sends the UDID to the UAG when the user wants to access the UAG portal. UAG will then check he UDID against the Database, and allow or deny access to the portal based on the results. You can think of this as something similar to MAC Address filtering that some routers offer.
I’m really happy to see such ingenious efforts going into making UAG better and allowing it to integrate with 3rd party platforms better. Unfortunately, at this point, the iPad is not an officially supported platform for UAG, but hopefully, this will change at some point. I’m also being told that a Windows Phone 7 version of the same application is en-route!
More information on this application, as well as a demo video is available here: http://myitforum.com/cs2/blogs/forefrontsecurity/archive/2011/03/16/enhance-the-uag-authentication-on-mobile-device-with-the-uag-mobile-portal-app-by-vnext.aspx