Windows 10 Enterprise E5 is the newest offer for customers who want to take advantage of everything in E3 with the addition of Windows Defender Advanced Threat Protection (Windows Defender ATP) – a new service that helps enterprises detect, investigate, and respond to advanced attacks on their networks.
Building on the existing security defenses in Windows 10, Windows Defender ATP provides a new post-breach layer of protection to the Windows 10 security stack. With a combination of client technology built into Windows 10 and a robust cloud service, it can help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations
Ensure that you have a Windows 10 Enterprise E5 licens in you AzureAD tenant
Sign in to AzureAD with you global Admin
Go to http://securitycenter.windows.com/
Select where the location for your data storage
This option cannot be changed without completely offboarding from Windows Defender ATP and completing a new enrollment process.
Select the location for data storage. For more information, see the Data storage and privacy section in the Windows Defender ATP guide.
Select the retention time for you data – default is 180 days
Select your organization size
Select your industry preferences – this can be changed in the Windows Defender ATP portal at a later point.
Windows Defender ATP cloud instance is now being created with in your tenant
Now the setup is complete.
You can select your deployment tool and download packages for the one you want to use.
This can also be done from the Windows Defender ATP portal at a later time.
Now you are ready to onboard your clients
Here is my blog post How to get Windows 10 onboarded with Windows Defender ATP – Intune (MDM)