Hi Brian thanks for sharing the informative webinar. However I've been playing with isolating the client via the ATP manager but it is a misleading becuase you apply a HI policy via the SEPM and then also associate it with a Firewall Quarantine policy . And when the HI check fails it will apply the Firewall Quarantine policy from the SEPM.
So the only difference you see when you click on isolate button from the ATP Manager itself for this particular endpoint on the agent UI will only see this message " The agent has been Quarantined by the Administrator " And when you rejoin this client from the ATP Manager this message will go away but client will still be placed in the Quarantined location ( and having a quaranted firewall policy applied to it )
Have you tested this feature yet or no ?
Thanks