Last night I threw together a W10 Enterprise installation, started up Wireshark, went to bed, and let it run for around 10 hours. Around 4am there was a lot of chatter from 134.170.51.247. http://whois.domaintools.com/134.170.51.247 Everything has been disabled in Start -> Settings -> Privacy. I've also stopped, and disabled services like Connected User Experiences and Telemetry, error reporting, etc., and modified the appropriate group policy and registry entries. Does anyone know what "feature" 134.170.51.247 is attached to? Is just an update server for patches, or something else? As far as I know Microsoft has always maintained that with Enterprise edition comes the ability to completely disable undesirable communications. I'm already finding that although it looks like quite a bit can be disabled it isn't as quick as hitting a toggle since so far it has involved disabling services, and changing registry entries. Yet even with that 134.170.51.247 persists.
IDK, but you can stop Windows update service and see if it goes away. Thanks for sharing your findings and please keep us up to date if you find something interesting.
I haven't had anymore instances of that IP address, however after the running the KB3163018 update the DWORD value I added to the registry to disable Telemetry was removed resulting in "Diagnostic and usage data" (Start -> Settings -> Privacy -> Feedback & diagnostics) being changed back to "Basic" instead of being grayed out and blank.