7. Microsoft Defender
Disable microsoft defender notification icon
GPO
Computer Configuration › Administrative Templates › Windows Components › Windows Security › Systray
Hide Windows Security Systray
ENABLED
Updated: 2021-02-19 Reference
Task Manager
⌘ › Task Manager › More Details › Startup
Microsoft Defender notification icon
DISABLED
Updated: 2021-02-19 Reference
7.1. Firewall
Endpoints for telemetry may change. Peridiocally verify these have not changed. See references for additional documentation.
Warning
These endpoints should be blocked or routed to a blackhole. See Pi-Hole and DNAT for Captive DNS.
Connected User Experiences and Telemetry endpoints
Microsoft Defender Advanced Threat Protection is country specific and the prefix changes by country, e.g.: de.vortex-win.data.microsoft.com
Release |
Diagnostic Endpoint |
Functional Endpoint |
Settings Endpoint |
|---|---|---|---|
1703 with 2018-09 cumulative update |
v10c.vortex-win.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
1803 without 2018-09 cumulative update |
v10.events.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
1709 or earlier |
v10.vortex-win.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
Diagnostic data services endpoints
Service |
Endpoint |
|---|---|
Microsoft Defender Advanced Threat Protection |
|
› |
References