Many customers who have implemented our federated SSO feature have asked us to enable more control over external access based on the location of the client e.g. limit access to Microsoft Office 365 services, depending on where the client (trying to access the Office 365 services) resides.
While this feature is officially on the roadmap for the first half of calendar year 2012, it is available now to customers as a QFE (hotfix) via KB2607496 and is fully documented on TechNet. The feature will move to officially released with the next service pack for AD FS but has already been pilot tested with 12 customers. In short the new capability allows customers to: