Last night I threw together a W10 Enterprise installation, started up Wireshark, went to bed, and let it run for around 10 hours. Around 4am there was a lot of chatter from 220.127.116.11. http://whois.domaintools.com/18.104.22.168 Everything has been disabled in Start -> Settings -> Privacy. I've also stopped, and disabled services like Connected User Experiences and Telemetry, error reporting, etc., and modified the appropriate group policy and registry entries. Does anyone know what "feature" 22.214.171.124 is attached to? Is just an update server for patches, or something else? As far as I know Microsoft has always maintained that with Enterprise edition comes the ability to completely disable undesirable communications. I'm already finding that although it looks like quite a bit can be disabled it isn't as quick as hitting a toggle since so far it has involved disabling services, and changing registry entries. Yet even with that 126.96.36.199 persists.