Configure sensor data

Currently, two settings can be configured for each endpoint: the client latency mode and the sample collection setting.

For example, to configure clients using Group Policy:

  1. Download the configuration package for Group Policy.
  2. Export the contents of the file.
  3. Copy the ADMX file to the %systemroot%\PolicyDefinitions\ folder.
  4. Copy the ADML file to the %systemroot%\PolicyDefinitions\en-US folder.
  5. Launch Group Policy Editor and create a new Group Policy targeted to the appropriate OU for Windows 10 clients.

You now need to configure the following policies:

  • To ensure each endpoint registers with the ATP service, go to Computer Configuration | Preferences | Control Panel Settings, and create a new scheduled task to run the Windows Defender ATP onboarding script.
  • To configure the latency mode and sample collection settings, go to Computer Configuration | Policies | Administrative Templates | Windows Components | Windows Defender ATP.
  • Client latency mode changes the reporting frequency; for high-value assets or machines at high risk, you can increase the frequency by setting the mode to expedite. Enabling this feature may have a performance impact on the client and increase network traffic, so test it on a few endpoints and monitor the impact before deploying widely.
  • Change the sample collection settings to allow or prevent samples being collected from the endpoint when a request for deep analysis is made through the Windows Defender ATP portal.