3

So I'm working on bringing my company into the 21st century, with virtual servers, Active Directory, ADFS, SSO etc. It's a huuuuge project, with a future goal of ISO 27001 certification.

The current question is, does the Direct Access role offered by Server 2012 perform the same role as Forefront Unified Access Gateway 2010 does?

I'm sure there are many differences, but my primary concerns are SharePoint publishing, ADFS proxy, reverse proxy, remote connection, and O365 synchronization.

Matt Bear

3 Answers

3

The DirectAccess capabilities between UAG and Server 2012 are almost all the same. The advantages that Server 2012 DA has over UAG DA are when using all Windows 8 client computers. If you are, then you get the capability to provide multi-site DirectAccess (multiple datacenters with failover). This only works for Win8 clients though, not Win7. If your clients are Win7, the differences in capability between the two solutions are very slim.

However, going with UAG gives you not only DirectAccess capability, but also the ability to publish UAG portals (SSL VPN portals) at the same time on the same box. So you can run DirectAccess connections as well as publish portals for OWA, SharePoint, RDP, SSLVPN, all kinds of different things. This can be a nice way to get users connected from non-DirectAccess machines like home computers or kiosks.

You mentioned SharePoint, ADFS and reverse proxy. These are all things that UAG can publish for you. Server 2012 remote access can NOT.

1

I know I'm late to the party, but apparently I don't get notified when there are replies to the items I have posted on.

If you use Server 2012 DirectAccess, you shouldn't put any other roles on that server. If you are using UAG DirectAccess, then you can utilize a UAG portal as an ADFS Proxy; that is one of the things it was designed for.

0

DirectAccess has been around for a while but was a bear to set up and configure. FUAG provided a simplistic UI to help set all of that up and handle the old IPv6 issues. Either way, the new DirectAccess product in 2012 is much easier to set up and eliminates the need for FUAG.

Regardless, you shouldn't need DirectAccess or FUAG for anything other than remote connectivity, especially if you have set up or will set up SSO using ADFS proxies and O365.

Brent Pabst
  • OK, are there any issues with DirectAccess and ADFS proxy running on the same server? – Matt Bear Nov 16 '12 at 23:12
  • I imagine there could be but I honestly do not know enough about the 2012 installation to speak to that. My initial thought would be a port 443 (HTTPS) conflict, so you may have to use multiple IP addresses, again not 100% on that. – Brent Pabst Nov 16 '12 at 23:16