We have two internal ADFS 3.0 setup in a farm using a SQL DB. We also have two WAP servers in the DMZ. I noticed on our relaying party trust properties there is a tab for proxy enabled which I have been trying to read up on. I just want to be certain that our WAP are working and request are not going directly to the internal ADFS servers.
WAP itself do not have capability to identify and filter claims
If end point is enabled on ADFS level and blocked on WAP level, claim request will be processed for intranet and blocked from internet for specific end point