MS Defender on OT Network - Deployment Options for Isolated Networks

The post discusses using Microsoft Defender for servers in operational technology (OT) networks that are fully isolated from the internet. The author presents two potential deployment options: allowing outbound firewall access only to necessary Azure reporting sites or configuring a proxy with WinHTTP Proxy while bypassing it for all traffic except Microsoft sites. They seek feedback on whether these approaches have been successfully implemented or if issues arose. No additional options are mentioned.