You should not confuse the Controlled Feature Rollout (CFR) process with the High Confidence rollout via latest cumulative update (LCU) process. The CFR process generally only targets devices that show no signs of being managed (e.g. not joined to a Windows domain) and that have telemetry setting sufficiently high, and that can actually communicate with Microsoft servers.

The CFR process will pick random members of each Bucket, and try to install the update on them even if they are not High Confidence yet, in the expectation that if anything goes horribly wrong™, they will quickly notice via telemetry. If first signs look good, they will push it to a larger group (some percent) of that Bucket, and if the telemetry is positive, it will be (a) pushed to all devices of that Bucket via CFR and (b) included into next monthly update. (How exactly the CFR process picks the initial candidates is not published as far as I know, but I assume there will be some more factors, like whether the user is enrolled to Windows Insider program and/or how often the machine is used, to keep the disruption to normal customers low and the telemetry quality high).

Therefore, CFR process will reach devices faster than LCU process, at the expense that you act as Guinea Pigs for Microsoft.

By default, only non-managed devices take part in CFR process; by setting this registry key, you can basically offer your machines to be Guinea Pigs for Microsoft even if they are managed.