Please find the answers inline.
1. on PS add new Agent Type as Web Agent or Servlet Agent?
Sharan --> It is same as before (Web Agent). SPS will act as normal web agent.
2. crate virtual host on Access Gateway UI - and how to point it to my protected tomcat?
Sharan --> You can create the virtual hosts and If you are using virtual servers, you can set up your CA SiteMinder® environment quickly by using a DefaultAgentName. Using DefaultAgentName means that you do not need to define a separate agent for each virtual server.
3. copy some default Agent Configuration Objects from ApacheDefaultSettings or from SPSDefaultSettings?
Sharan -->Please use copy of SPSDefaultSettings for ACO and modify accordingly
4. register trusted host for virtual host?
Sharan --> No need to register virtual host, initial registration is enough. It is up to you how you want to design the configuration. If you want to use default agent (only one) for all the virtual hosts, you can use DefaultAgentName ACO as mentioned in question#2. If you want to have different agents for each virtual host, you can take the copy of WebAgent.conf and rename it to WegAgent1.conf and use it for the initialization. Also if you want to use new ACO and agent, you can update the new ACO details in WebAgent1.conf and new agent name in new ACO.
5. Configure Domain and Policy.
Sharan --> It is same as before, no changes with respect to SPS.
Thanks,
Sharan