In the ever changing landscape of IT management, Microsoft Intune is a key technology for managing the modern workplace. In this series Ritesh will discuss learning Microsoft Intune.
Accessing URL : https://endpoint.microsoft.com/
At Ignite 2019 Microsoft introduce its true UEM, Microsoft Endpoint Manager.
Combining the capability of Microsoft Intune, Configuration
Manager, Desktop Analytics, co-management, and Windows Autopilot. Potentially
it is reducing the admin task for managing SCCM and Intune managed devices in
the same portal, reducing time and effort.
Let us dive in the fundamentals starting with what services it offers with Intune.
Intune is a part of Microsoft device management gigs which comes within Enterprise Mobility + Security (EMS) suite and Microsoft 365 subscriptions. Intune can be leveraged stand alone as Azure service using Intune A license.
Apart from MDM Intune does provide MAM capabilities. Combining with Azure AD it can also control the access as to who can access the corporate data and application.
Intune is used in many sectors around the enterprises like
education, governments, kiosks etc. for retail and manufacturing.
Intune can be leveraged stand alone as Azure service using Intune A license.
Here are the following ways in which Intune help:
- Define security norms for devices and make sure
that no access is granted until the device is compliant. - Protecting the ways by which a user can access
the information and share company data. - Manage devices entirely over cloud or a comanaged
scenario combining with SCCM. - Apply granular level policies and defined with
respect to personal and corporate owned devices. - Deploy applications on workstations, desktops,
laptops, mobile devices, and hybrid devices.
It would not be wrong if said that the above-mentioned
points are just the tip of the iceberg for Intune capabilities.
Some of the components which works within Intune, and we shall be talking about each one of them in coming blogposts.
- Device Enrollment: Device enrollment is a process of engaging a device with Intune. This is a separate versatile topic as the possibilities are great with multiple permutations and combinations. Devices are divided into their respective Platforms, OS, BYOD, COD, kiosk, and numerous requirements. Depending upon the requirements, Intune provides the enrollment method.
- Manage Apps: Yes, the first thing that
comes in mind is Intune can deploy apps. But managing the behavior of this app
deployed, options include available, required in system context. Deploy
multiple type of app like Line of Business, Store app, Win32 and many more. Intune
app protection policies comes as cherry on the cake because it lets apply
specific restrictions only on the app used for corporate data on a device which
can be enrolled or not. Isn’t it Great!!
- Compliance and conditional access: As discussed earlier you can define the norms for devices without satisfying of which the access is prohibited. Using conditional access, we can also granularize the subjected service to be restricted like Exchange, SharePoint etc.
- Software Updates: Of course, the to keep
up with the vulnerabilities and threats out there we need to make sure that our
devices are ready for it. Intune gives you a precise ring-based model.
- Reports: Reporting is a major pillar of an
IT infrastructure to keep the departments on the same page. Intune collaborates
with PowerBI with service called Intune data warehouse. It allows you to pull
the data real time and presentable.
In future blogposts on learning Intune, we will discuss about specifics components, there setup, technical architecture and troubleshooting part of it. Chirico!!!!