Device DNA Session Assurance is implemented in
SPS only at the moment.
As mentionned in the documentation :
The application that drives the DeviceDNA checks is hosted
on by the CA Access Gateway. This proxy server can perform
the standard functions, such as web proxy or SAML federation
functions or it can be a separate stand-alone instance that
is dedicated to servicing the Enhanced Session Assurance
transactions. The CA Access Gateway performance is also
dependent on a number of parameters such as, but not limited
to, authentication and authorization transactions per second,
the ratio of authentications to authorizations within the
environment, the length of user sessions, and the frequency
The Agent for SharePoint handles more complex flow involving federation
and POST requests, and with SPS standalone, the integration of Session Assurance
with Agent for SharePoint goes out of support.