We have two internal ADFS 3.0 servers setup in a farm. We are also have two WAP servers in the DMZ which are behind a load balancer. Here is my question, we do not publish apps. I know the purpose of WAP is to block direct access to the ADFS servers. If our WAP are not hosting Apps and behind a firewall an load balancer what more are they doing if anything?