Anand anand3g
If we think only from SSO into SharePoint - You are correct - we can use a CA Access Gateway instead of CA SharePoint Agent.
But CA SharePoint Agent does not only provide SSO, but also provides other SharePoint Capabilities like Claims Search and Support for PeoplePicker functionality which is not present in CA Access Gateway. CA SharePoint Agent also has a SPConnectionWizard which create the Legacy WSFED Object within the Policy Store (you don't have to create a Legacy Object from Scratch using the WAMUI) AND most importantly it generates a powershell script which is needed to create the Trusted Identity Token Issuer on SharePoint.
Further more from support perspective CA Certifies SharePoint Integration using CA SharePoint Agent. Thus has tested all common features of SharePoint using CA SharePoint Agent only.
Thus by using CA Access Gateway, you miss out on all these capabilities and the configuration is far more error prone just to even configure a WSFED SSO. The only purpose CA Access Gateway serves is generating a WSFED to log the user into SharePoint, thats it and nothing more as far.
I'd always go with CA SharePoint Agent for reasons listed, supportability and certified.
Regards
Hubert