I have a single set of top-level policies, and my client groups inherit the policy.
Under Policies -> Settings -> External Communication Settings, the "Allow Insight lookups for threat detection(recommended)" is un-checked.
When you say "disable the Download Insight component", I presume you mean that needs to happen at the client. Is there a way to use the SEPM server to disable that component? Otherwise a command line that I can automate?
In the "Virus and Spyware Protection Policy", I see that the Download Protection ->Download Insight -> "Enable Download Insight to detect potential risks in downloaded files based on file reputation" is also un-checked.
In the "Virus and Spyware Protection Policy", I see that SONAR -> Sonar Settings -> Enable SONAR is checked. The description for SONAR includes "SONAR uses heruistics as well as reputation data to detect...". Do I need to disable SONAR as well? I'd like to have heuristics enabled, just without the reputation data downloads.