Try our new research platform with insights from 80,000+ expert users
Jeoffrey Lozano - PeerSpot reviewer
Assistant Team Leader at a tech services company with 501-1,000 employees
Real User
Top 20
Automated the deployment of patches and applications, which is more efficient and easier
Pros and Cons
  • "Intune has automated the deployment of patches and applications, which is more efficient and easier. It allows us to deploy applications, packages, Windows updates, and security updates like BitLocker encryption more efficiently and easily."
  • "Intune has automated the deployment of patches and applications, which is more efficient and easier."
  • "The most significant challenge is reporting and monitoring. The reporting accuracy for deploying applications and all aspects of Intune needs to be improved."
  • "The most significant challenge is reporting and monitoring. The reporting accuracy for deploying applications and all aspects of Intune needs to be improved."

What is our primary use case?

We use Intune to deploy and manage applications to devices based on our client requirements and needs. We handle a lot of use cases, especially with regard to Microsoft Edge. Recently, we have deployed BitLocker and Docker encryption using Intune. We utilize Intune to patch and onboard Defender and Core Endpoint. We apply Intune to laptops, mobiles, and tablets, including iOS and Android.

How has it helped my organization?

Intune has automated the deployment of patches and applications, which is more efficient and easier. It allows us to deploy applications, packages, Windows updates, and security updates like BitLocker encryption more efficiently and easily.

What is most valuable?

The most valuable feature currently is the BitLocker encryption. Most clients in the Philippines are moving to BitLocker encryption via Intune, transitioning from any existing third-party encryption tools they may have.

What needs improvement?

The most significant challenge is reporting and monitoring. The reporting accuracy for deploying applications and all aspects of Intune needs to be improved. Intune is less admin-friendly than SCCM and WSUS systems. In WSUS and SCCM, you can classify the updates you want to deploy to the endpoints, whereas Intune only has quality updates, definition updates, etc. I rate the admin experience seven out of 10. It's not terrible, but there is room for improvement. 

Buyer's Guide
Microsoft Intune
March 2025
Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.

For how long have I used the solution?

We've used Microsoft Intune for nearly 10 years now.

What do I think about the scalability of the solution?

I rate Intune eight out of 10 for scalability.

How are customer service and support?

I rate Microsoft support eight out of 10. Microsoft's engineers provide varied approaches and knowledge about the product.

How would you rate customer service and support?

Positive

What about the implementation team?

We are resellers, consultants, and they often refer to us as implementers. We handle the solution and technical support.

What other advice do I have?

I can rate Microsoft Intune eight out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Gold Partner
Flag as inappropriate
PeerSpot user
Intune Administrator at Vvolve management consultants
Real User
An easy platform for device management, security, and productivity
Pros and Cons
  • "Intune saves time, and it is very easy to use. It allows us to manage applications completely."
  • "If we could remote into a device, it would be great. Currently, we cannot directly connect to the user device. We have to use other tools such as VMware for connecting to devices."

What is our primary use case?

Intune is a cloud-based platform for mobile application management and mobile device management. We can deploy applications on user devices and enroll user devices. We can enroll devices as per the organization's security policies. The devices comply with all the policies of the organization. We can also change the policies at the backend via Intune.

How has it helped my organization?

Intune helps with enrollments and securities. We can control the access to devices and users. We can specify what users can do. We can give role-based access. For example, a person working as a normal user does not require the same access as a manager. We can give access to users based on their roles. For example, a manager can add users to a particular group, but users cannot do that. We can restrict a user from doing certain activities. For example, we can restrict the user from using a camera or microphone. We can do such a configuration at the backend and deploy it to the user device.

Intune is very helpful for IT and security operations. If Intune is not there, we have to manually connect to user devices and deploy the changes. If we have thousands of devices, doing this manually on each and every device is very difficult. With Intune, we just configure the required settings and deploy them to a thousand devices in a single group. In a single step, we can add devices to a group. We can apply configuration easily. It is very helpful. It saves time. Adding or configuring devices manually takes a few months, whereas the same thing can be done with Intune within minutes.

We have had a very good experience. It is a Microsoft product. Everything related to a user is available. We have user names, user devices' names, and user licenses. We can also check the device compliance. We can see whether the device complies with the company policies or not.

Application updates and patching are available through Intune. We can also change group policy settings and registry settings of a device via Intune. We can change these settings without connecting the device. We can do that by deploying the PowerShell script or configuration profiles. For example, a kiosk device should stay up for hours and hours. It should not go to sleep. You can configure such devices to not go to sleep until 999 minutes. It is a very long time. If we enable such settings and add a particular user device group in the configuration, after the device starts syncing with the policy, no device will go to sleep.

With the Advanced Endpoint Analytics, we can see the application installation status. If we deploy a script to the user, we can see the status. We can see if it is a success or if there is a conflict. We can monitor the changes in user devices and check the compliance status. We can see if any app such as CrowdStrike is not updated.

With the help of Advanced Endpoint Analytics, we can proactively detect and remediate anomalies in endpoints. We can then reach out to users.

Intune saves us a lot of time. If we package an application using virtual packaging or physical packaging, it will take nearly two to three hours to package a single application. If we do this in Intune, it takes just minutes to add applications and deploy users. We can also monitor the particular application status in Intune.

The devices that are linked with Azure Active Directory are automatically linked with Intune. That makes the enrollment and management of BYO devices easy.

Intune has affected IT productivity in our organization. By saving time, it has automatically improved productivity.

Intune certainly saves costs. Without a cloud-based solution like Intune, we would require more IT staff.

What is most valuable?

Microsoft releases updates every second Tuesday. We can deploy those updates from Intune. We can also do patching through Intune. We can do quality updates and feature updates from Intune. We can also monitor the application status in Intune. We can see which applications are installed, pending, or available to install. We can see these things in Intune.

It is user-friendly. We can also troubleshoot any issues.

Intune saves time, and it is very easy to use. It allows us to manage applications completely.

What needs improvement?

If we could remote into a device, it would be great. Currently, we cannot directly connect to the user device. We have to use other tools such as VMware for connecting to devices.

If there are any issues, we should be able to connect through the Intune portal. The administrator should not have to go anywhere from the portal. He should be able to do everything from the portal.

Intune does not show whether a device is online or offline. It just shows the last login. It would be useful to know whether a device is online or offline.

We can see the issue related to updates in the Intune portal, but we cannot do anything from the Intune end. We have to connect to the user's device manually. We also need a better understanding of why the update is not happening on a particular device. It will decrease the time to troubleshoot the issues.

At times, there have been slowness issues with the company portal. It takes time to load and does not show the application status.

It would be great if there is a way to generate a PowerShell script to do certain things. Learning the PowerShell script is not easy, so such a feature would be helpful. Based on what we want, if it can automatically generate a script, it would be helpful.

It is not necessary, but it would be great if they added a messaging system in Intune. For example, when it is a shared device, a number of users log in to the device. In the case of any issue, it would be great to be able to directly message a user from Intune. Currently, there is no option for that, but if it could be done, it would be a very good thing.

For how long have I used the solution?

I have been working with this solution for the last 18 months.

What do I think about the stability of the solution?

It is 100% stable.

What do I think about the scalability of the solution?

It is very scalable.

We have about 12,000 devices and 20,000 users.

How are customer service and support?

So far, I have not raised any questions with them.

Which solution did I use previously and why did I switch?

I have worked with Microsoft SCCM. It is similar to Intune but not as user-friendly as Intune. Intune is very easy to understand. Its framework is very good. Microsoft SCCM is very old.

I have not worked with any other vendor. 

How was the initial setup?

I am involved in the deployments, enrollments, troubleshooting errors, and monitoring in Intune. I take care of adding devices, users, and licenses, deploying policies, and configuring policies and scripts.

Its deployment does not require much. We just need a license to operate it. Our management takes care of that. There are a few licenses that are active only for nine hours. After nine hours, the roles are deactivated.

It does not require any maintenance from our end.

What's my experience with pricing, setup cost, and licensing?

Intune is linked with Microsoft. We can deploy the Microsoft E365 license to users by Intune. There are different types of licenses, such as device administrator licenses, E5 licenses for device enrollment manually, and P1 and p2 licenses for device enrollment automatically. These are the licenses required for the administration.

Which other solutions did I evaluate?

I did not evaluate any other option. This was my first project, and I started as an Intune administrator.

What other advice do I have?

It is a very good tool. It is easy to learn. You can expect quick assistance from Intune.

Before using Intune, I would recommend learning about Windows. Learn about the registry, configurations, and group policies. If you know these, it is easy to learn Intune.

You can face enrollment errors if the prerequisites are not met. For example, to upgrade from Windows 10 to Windows 11, you need to have some amount of free space or RAM. If you do not care about the prerequisites and just enroll the device, it causes issues. It will affect the device, and you need to enroll the device again.

I would rate Intune a nine out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Microsoft Intune
March 2025
Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
Consultant at IT Consulting Dariusz Szymkun
Consultant
A modern, cloud-based solution for centralized management
Pros and Cons
  • "It is helpful for managing devices anytime and any place without requiring dependency on the local networks."
  • "There is still a gap between SCCM and Intune, especially in the reporting, inventory, and software deployment areas."

What is our primary use case?

I was using Intune with a customer. I had a long-term contract with a mining company, and then I moved to another organization. I am now in a different company. They all are large organizations. They are moving to the cloud, and Intune is one of the tools they are going to utilize.

In my previous job, Intune was being used for the cloud environment. We migrated fully from on-premises SCCM to cloud-only managed. We were utilizing all the benefits of Intune for cloud management, such as Windows updates, encryption, configuration, replacement of GPOs, etc. Moving away from the SCCM to Intune was a part of my previous job.

How has it helped my organization?

It is a modern tool. It is a cloud-based or software-as-a-service tool that gives you centralized management at one location. You have good dashboards. You have pretty much everything at a single location. You can manage different settings in one place. It is about manageability. It also gives you access from any place. It is a cloud solution, so as long as you have connectivity, you can do pretty much everything.

Intune brings all of the endpoint and security management tools into one place, but it is a lengthy process because I have been working for large organizations. They have been heavily dependent on on-premise services for years or decades, so the transition always takes time, but it is pretty successful. It is a good tool, but in security, there are dependencies, so it takes time for the transition to be successful. We have been using different security baselines and CIS or NAS methodology. It is a difficult process. Especially when you do GPO migration, not all settings are yet directly supported in Intune. Sometimes, you have to do a bit of workaround, power shell settings, and registry settings. It is tricky, but it is a key area for a successful transition.

Intune does not yet provide full endpoint visibility and IT control across device platforms. There is still a significant gap between all the systems we used on-premise and Intune. It is probably going to take time for Microsoft to fill the gap. Sometimes, you have to use third-party products, and sometimes, you have to use workarounds. It is a tricky one, but Microsoft is moving in the right direction, slowly but surely.

In terms of user experience, users do not use Intune. From the user perspective, it is about the performance and the impact, and there are some analytical tools to measure performance, reliability, etc. The built-in reporting is pretty good.

Intune affects IT productivity. From the IT operations perspective, things are much more simplified. The transition also enforces some cleanups, optimization, etc. It is definitely a great improvement for the IT organization.

Intune itself has probably not reduced the risk of security breaches, but there are many add-ons. There are many security products from Microsoft that integrate with Intune and Azure. Its reporting is great. By having the right knowledge and the right understanding, you can utilize this. There are some security baselines that you can utilize in Intune, which are coming out of the box. Microsoft is providing its own products for security, and this is probably an area we should explore.

Intune helps to save costs. As a part of the transition from on-premises to Intune, you can decommission your legacy infrastructure such as SCCM and domain controllers.

Intune has helped to consolidate vendors. It is one product, and Microsoft is trying to fill all the gaps with the add-ons. Microsoft is constantly adding functionality pretty much on a monthly basis. Utilizing a single vendor or single tool set is always good. This consolidation affects the licensing costs. When you have a single vendor, you have more options for contract negotiation, license discounts, etc.

It is very important that the capabilities of the Intune Suite are integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices. You have a single pane and the same toolset. It is always good to utilize a single product.

What is most valuable?

It is a modern desktop management tool. It is a replacement for SCCM and GPOs. When organizations are moving away from the AD to Azure AD, especially for devices, it is very useful. It is helpful for managing devices anytime and any place without requiring dependency on the local networks.

What needs improvement?

There is still a gap between SCCM and Intune, especially in the reporting, inventory, and software deployment areas. For people using SCCM, Intune seems to be very simple. It is a good thing, but sometimes, it is a bad thing. There is a significant gap, especially for large organizations in terms of functionality. Microsoft still has a lot to do.

For how long have I used the solution?

I have been working with Intune for about 5 years. I am an endpoint management specialist. I am using it pretty much daily.

What do I think about the stability of the solution?

I would rate it an 8 out of 10 for stability. It is still under development, so there are issues. Sometimes, settings are not consistently applied everywhere, so they give unexpected results. It is probably because of the learning curve and also the ongoing development. Sometimes, there are bugs or some mistakes. It is a cloud environment, and sometimes, some settings are not applied. It is a matter of time. It will get fixed.

What do I think about the scalability of the solution?

It is very scalable. It is practically unlimited.

I have been working with companies with different numbers of users and devices. In one company, there were 40,000 devices, and in another one, there were 300,000. The number of users is more than the number of devices because the companies I have been working with have different shifts, so they are sharing devices. That is why there are more users than devices. The average is 35,000.

How are customer service and support?

The first and the second lines of support are quite poor. They redirect end users to publicly available documentation, which is not very useful because usually, the first thing you do is to check what is available publicly before you raise the ticket. Their support is not very good. I would rate their support a 6 out of 10.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have been mostly using SCCM. The move to Intune was a part of the cloud transition. Most companies are moving not only the MDM solution but all kinds of services to the cloud. Intune is just one of them. It covers one of the areas.

How was the initial setup?

Its deployment and maintenance are easy. I would rate it a 9 out of 10 for both. It is generally deployed on a public cloud.

The number of people required for maintenance depends on the size of the organization. One person is never good enough because you need to consider various time zones, people going on leave, etc. 

What's my experience with pricing, setup cost, and licensing?

Intune comes with the licensing that is common for large organizations. However, Microsoft has recently released many add-ons that are very expensive, especially for large organizations or corporations. They are not very happy. They are not willing to buy them. That is the problem. Microsoft should probably work on the strategy for pricing for the add-ons.

Which other solutions did I evaluate?

They probably did not evaluate other options. A lot of organizations are trying to use one vendor, and they have been using Microsoft for a long time. Intune seems to be the most complete as compared to others. I have been doing some research recently for a company, and I have been going through some Gartner reports. Intune is clearly number one in this area.

What other advice do I have?

To those evaluating this solution, I would advise to be aware of the fact that this is a product that is still being developed. There are many features that are not available yet, especially as compared to a product like SCCM which has been on the market for many years. Do not expect everything to be available straight away. 

I have not used Intune much for BYO devices. The companies I have been working with do not allow that. They either provide their own hardware, such as laptops or desktops, or virtual desktops such as cloud PCs. They either have Azure virtual desktop or Windows 365, so I do not have much experience with BYO devices.

I have also not used Intune's Endpoint Privilege Management feature. It is probably a new functionality that is not free. For large organizations, it is a significant cost, so they are reluctant to go in this direction. They might use it in the future.

Because of its scalability and future-proofing, I would rate Intune a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Assistant Manager at Melco Resorts & Entertainment
Real User
Top 20
Enables you to use MDM to lock devices and push restrictions, but isn't as stable as other solutions
Pros and Cons
  • "We are using the mobile feature, and we are also using MDM to lock the devices, to push restrictions, et cetera"
  • "In the past, I raised some tickets for the enhancement feature, which was missing in Intune."

What is our primary use case?

The solution is deployed on cloud. I'm part of the support team. There's another server team that works closely with Microsoft. They purchased an old 365 license, and Intune was one of the included features. We wanted to take advantage of the feature because it was part of the package. That's why our top management decided to save some costs by making use of Intune and not using AirWatch anymore.

We are enrolling through the Intune company portal, and then we are using the Outlook app to configure the email addresses of the company.

What is most valuable?

We are using the mobile feature, and we are also using MDM to lock the devices, to push restrictions, et cetera. Compared with AirWatch, I think it's easier to manage the devices and the profiles in AirWatch. Intune has a lot of options, but I've only been playing around with it for a few months.

What needs improvement?

In the past, I raised some tickets for the enhancement feature, which was missing in Intune. It can take a long time for these features to appear, or maybe they will just never happen.

There are certain things that I'm trying to replicate from AirWatch, and it's not possible.

In AirWatch, we have a launcher, which is like a container. You can choose single-app mode or multi-app mode. But in Intune, for example, you need to factory reset the device and then apply the MDM. If we choose multi-app mode, which is the kiosk multi-app mode in Intune, I cannot lock the application on the screen. For example, in the set mode, you have the option to set the leave Kiosk password. You can exit the kiosk. But if you choose Intune multi-app mode, you don't have this leave kiosk option. For us, it's very useful.

If you have this leave kiosk option in the multi-app, you should also have it in the single-app mode. We need this because we have an application that you run on a tablet in hotel rooms, and we want to lock the application in a single-app mode, but besides the application, we also need to have some background applications running, like we need to do some configurations in Knox from Samsung, and eFolder. 

We have three applications that we need to push, but the guests will only be able to see one. Because I don't have the option to leave the kiosk in the single-app mode, I cannot do any configuration in the background apps. We have one app we cannot migrate to Intune from AirWatch because of this issue. This applies to more than 2,000 devices.

I think we need the leave Kiosk option available for the Kiosk single-app mode, because we are stuck with at least 2,000 devices or more because we want to completely retire AirWatch, but we cannot until this feature is available. The applications that we are using in our hotel rooms are not compatible with Intune. My bosses are not really satisfied because we still have expenses with purchasing a license with AirWatch because Intune cannot really fulfill our requirements.

This option is already available in the multi-app mode. It should not be a new feature. This feature already exists. They just need to apply the single-app mode the same way they're applying the multi-app mode.

What do I think about the stability of the solution?

Compared with AirWatch, Intune is not very stable because I haven't had to deal with these issues. With AirWatch, I would try to fix something and I would need to fine tune the settings, et cetera. But once I fine-tune and push everything, it will run and be stable. With Intune, we are new with this product, but it took some time for me to create a profile and test the devices. It has been working for a few months, but then suddenly this weird issue happened. It affected all devices at once.

What do I think about the scalability of the solution?

In the Outlook application, the scalability is good so far. But there are some differences between on-premises mailbox users and cloud users. For example, let's say I'm my boss's assistant and I'm able to view my boss's calendar on my Outlook desktop. Let's say I want to view a shared calendar on my Outlook app. For the cloud-use mailbox, I'm able to do this, but if I'm an on-premises mailbox user, this option is not available. Usually the cloud mailbox users have more options than on-premise users.

We have around 2,000 users enrolled in Intune so far, not counting the MDM device. That includes just email, the one that I have enrolled in the Outlook email app.

Our plan is to keep the solution because our primary solution for email mobile is now Intune because we are retiring AirWatch. We have already retired the email for AirWatch, and we are just using AirWatch for MDM devices. Of course, the plan is to keep increasing usage. If more users request email on their mobile, we are going to offer Intune.

How are customer service and support?

Technical support is very responsive and helpful. There's another issue that I raised related to Adobe Acrobat. I'm not sure if it's a region issue, but I'm in Macau, and we also have some users in Manila, Hong Kong, and Cyprus. All of us are using the same profile. I make the Adobe Reader application available on the manage app store, but somehow the users in Macau, when they go to the manage play store, are not able to see Adobe Reader on the list. It's only happening in Macau.

I raised this issue. Support dragged the issue on for two months. Support said, "Because all the applications go through the Play store, maybe you need to reach out to Google." The issue was not really resolved because the issue might not be related to Microsoft but Google, et cetera. I just gave up.

Compared to AirWatch, I can upload APKs or I can just redirect the Play store link to push the apps. But in Intune for example, I'm forced to upload all the applications through the managed app store. To make it available is a different process, basically. There are some things that don't really stretch forward. 

If I upload a custom APK in the manage Play store and then I want to remove it, I cannot remove it myself. I need to send an email to Google and ask them to remove it. Then they will ask me to unpublish the app for 24 hours first. These are very simple things that I should be able to control myself, and it wastes a lot of time.

Which solution did I use previously and why did I switch?

I think if you have the money and want something more stable, you should go for AirWatch. I don't think Microsoft is offering the same stability as VMware at this point. On other hand, I think the support from Microsoft is better, particularly the support in Asia. In VMware, all the support is from India, and sometimes I have a hard time with them.

How was the initial setup?

Now that I'm starting to be familiar with the profiles, it's starting to get easier. A few weeks ago, there was a very odd issue that happened also related to MDM devices where we were using the manage home screen application to lock down the apps that we wanted to allow only the users to use, like the kiosk application.

We have configured the profile and have deployed to 200 or 300 devices. Some of our users called and said suddenly all the mobile devices were flashing. I don't know what happened, but it happened at the same time. The workaround that I had to do was to remove the manage home screen from the profile. Then all of the devices were kicked out and went back to the home screen of the devices. That was the only way they could resume the mobile devices. I don't know what happened, but something was wrong with the manage home screen app on that day because a few days after, I pushed back and everything resumed.

What was our ROI?

We have ROI because we are retiring AirWatch, so we're spending less and making the most of the free stuff.

What's my experience with pricing, setup cost, and licensing?

The licensing is on a yearly basis.

What other advice do I have?

I would rate this solution 7 out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Intune/System Engineer at a manufacturing company with 11-50 employees
Real User
Top 20
Offers centralized management and ensures security and compliance
Pros and Cons
  • "We were trying to solve many issues, mainly the lack of centralized management. Before Microsoft Intune, we had to manually support devices one by one, installing applications and configuring policies individually. When we implemented the tool, it became much easier to manage our devices. We enroll them in Microsoft Intune and can manage all devices with a few clicks. For application management, it's the same process. If we want to deploy applications to hundreds or thousands of devices, we can do it easily with just a few clicks. This also applies to policies."
  • "The solution needs to improve reporting. Sometimes, it shows double or triple entries of the same thing, which affects the count's accuracy. Also, some applications onboarded in Microsoft Intune do not get updated. When we look for solutions online, there is often no clear answer."

What is our primary use case?

We use the solution for endpoint management for about 15,000 devices. It helps us ensure compliance and security for our devices according to standards. We also use it for application management, security and compliance, and centralized management from a single point. So, it covers endpoint management, app management, and compliance management and provides centralized control.

What is most valuable?

We were trying to solve many issues, mainly the lack of centralized management. Before Microsoft Intune, we had to manually support devices one by one, installing applications and configuring policies individually. When we implemented the tool, it became much easier to manage our devices. We enroll them in Microsoft Intune and can manage all devices with a few clicks. For application management, it's the same process. If we want to deploy applications to hundreds or thousands of devices, we can do it easily with just a few clicks. This also applies to policies. 

I have been using Microsoft Intune and another solution for endpoint management. What I like the most about IT is that it's a cloud-based solution. We don't need any on-premises infrastructure to manage it. It's easy to access the portal from anywhere securely. This setup reduces our workload because Microsoft handles everything related to the infrastructure, including notifications about any downtime. This way, we can inform our customers in advance.

We are currently using different solutions, but all from Microsoft. We use Microsoft Defender for Endpoint Security. it also includes Microsoft Defender. In the future, we might use these tools for security purposes.

The solution's user experience is very good. Compared with on-premises solutions, it deploys applications and policies faster, resolving user queries in less time. Configuring anything is easier; users only need to follow a few basic steps, such as installing the company portal app and logging in with their ID and password, to integrate their device. Unlike on-premises solutions, which can be confusing, the solution allows us to manage various devices, including Linux, mobile devices, and Windows. 

It functions similarly to on-premises but offers additional features. For example, we can maintain applications downloaded from the Microsoft Store and onboard them as a solution for user-based deployment. This reduces the need to create manual packages, as most applications are available on the Microsoft resource.

What needs improvement?

The solution needs to improve reporting. Sometimes, it shows double or triple entries of the same thing, which affects the count's accuracy. Also, some applications onboarded in Microsoft Intune do not get updated. When we look for solutions online, there is often no clear answer.

Microsoft Intune has no automatic cleanup option for devices that haven't been used for over 90 days. It would be beneficial for Microsoft to add such a feature.

For how long have I used the solution?

I have been using the product for two years and six months. 

What do I think about the stability of the solution?

The solution is stable, but there was one incident where we faced an issue with a security patch. We didn't receive any notification about this problem, which caused significant issues in our infrastructure. Regarding SLA, we now receive multiple notifications from Microsoft about planned downtimes. 

What do I think about the scalability of the solution?

The tool is used by users in our environment across various locations, including RU, APAC, China, India, Pakistan, and Germany. It is scalable. 

How are customer service and support?

Microsoft support takes time to respond. 

How would you rate customer service and support?

Neutral

How was the initial setup?

The installation and implementation were very easy compared to on-premises solutions. We just needed one Azure account to create a tenant and log in to endpoint management. The setup required only a full subscription. On-premises setups, by contrast, need multiple servers, VPNs, and IP configurations, which is much more complicated. Configuring the tool took around 10-20 minutes, and only one person was needed.

What was our ROI?

The solution has reduced manual labor by approximately 15%. Many business applications, such as Google Chrome and VLC Media Player, are available in the Microsoft Store. We still need to manually create packages for a few custom applications used by our organization that aren't available in the Microsoft Store. However, we can onboard the majority of applications without creating manual packages. Being a cloud-based solution, it eliminates the need for multiple on-premises servers and the associated infrastructure. We only need a cloud subscription to manage everything. We can save around 40 percent on costs with Microsoft Intune. It has also helped us save money, time, and resources by 50-60 percent. 

What other advice do I have?

We use the workbook to describe data on device compliance. It helps us generate reports and analytics about how many devices are compliant and how many are below the patch compliance deadline for updates. We do use some of the reporting features. For endpoint security, we can check how many devices have been affected by malware and how many have an updated Defender platform.

Microsoft Intune is a cloud solution, so there's no need to maintain servers, patch networks, or configure network info. It provides EDR capabilities. The solution also allows for mobility management, meaning we can manage mobile devices. Additionally, it can manage Chrome OS and Linux devices, though we aren't currently using that feature. The tool offers a centralized solution for deploying policies, compliance policies, application management, and patching servers and workstations.

The product has reduced our costs and centralized management. We can manage all our devices from a single console, which is very effective for reporting.

It simplifies deploying applications. We can push policies to ensure only certain users can access specific applications. Additionally, Intune allows us to create user and device groups.

Currently, we manage privileges through Azure AD. We have groups set up with specific group policies and restrictions. For example, we've assigned certain licenses, such as E5 and Office 365 Copilot licenses, to users through these groups, granting them the necessary privileges to access these features.

The solution supports logging, which helps us easily trace and identify issues. It also provides many reports on device compliance and configuration. This capability helps us reduce the time required to reach out to Azure. 

It centralizes the management of users, groups, and applications. In an on-premises setup, we would need multiple teams, such as an AD and application packaging team. With Microsoft Intune, we don't need to create packages for many applications, as they are already available in the line of business.

I would recommend it to other users because it's a cloud solution that centralizes the management of endpoint devices, security, and Azure products. However, I would mention that reporting is an area where the tool could improve, as it's crucial for some organizations. If reporting is a critical need, Microsoft Intune might not fully meet those requirements.

I rate it an eight out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
reviewer1900344 - PeerSpot reviewer
Senior Solution Architect at a consultancy with 51-200 employees
Real User
Top 20
Unifies all of our endpoints and security management tools, and provides full endpoint visibility and IT control, but is lacking some policy features
Pros and Cons
  • "The many policies available in Microsoft Intune for managing our devices are valuable."
  • "The policies we had in SCCM and AD offered features that are missing from Microsoft Intune."

What is our primary use case?

We use Microsoft Intune to manage our corporate devices such as mobile devices.

How has it helped my organization?

Microsoft Intune unifies all of our endpoints and security management tools.

Since Intune is part of Microsoft and managed under one umbrella, we don't need any third-party solutions and we can control everything from Intune which enhances our IT and security operations.

Microsoft Intune provides full endpoint visibility and IT control across device platforms ensuring our data is secure.

The user experience for Intune is good.

Microsoft's security signals within Intune improve our security posture.

Endpoint Privilege Management enables us to enforce least privilege access. We can assign different types of access based on each user.

Our attack surface is minimized because if there are any threats or suspicious activity, the affected device is automatically blocked and it becomes non-compliant. The application and company data become inaccessible until the issue has been resolved. These actions also trigger email notifications to inform us of the situation.

Implementing Microsoft Intune has significantly improved the efficiency of our IT team. Previously, managing our devices involved juggling Active Directory and SCCM, requiring multiple tools and a scattered approach. Now, with everything centralized in the cloud, we have a single portal, a single point of control, and a single subscription. This eliminates the need for dedicated servers and complex hardware setups, reducing the need for manual monitoring and update triggers. With Intune, everything is under one umbrella, offering a wide range of options with just a click. No more complicated settings or fragmented workflows. We simply choose the desired policy, perform a few clicks, and our machines are enrolled and updated seamlessly. This streamlined approach has not only boosted our IT team's productivity but also enhanced our overall security posture.

Intune has helped reduce the risk of security breaches by up to 70 percent.

Microsoft Intune has helped our organization save costs.

What is most valuable?

The many policies available in Microsoft Intune for managing our devices are valuable.

What needs improvement?

The policies we had in SCCM and AD offered features that are missing from Microsoft Intune.

For how long have I used the solution?

I have been using Microsoft Intune for one year.

What do I think about the stability of the solution?

I would rate Microsoft Intune's stability a seven out of ten because it needs more granular policies.

How are customer service and support?

The first level of support is not good but the higher levels are knowledgeable and they are available 24/7.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used Microsoft System Center Configuration Manager and switched to Microsoft Intune so we could better secure our personal and corporate devices.

How was the initial setup?

The initial deployment was straightforward. We need a license to join the machines to Azure and then apply the policies we create.

One person is required for deployment.

What about the implementation team?

The implementation was done in-house.

What's my experience with pricing, setup cost, and licensing?

I am satisfied with the pricing.

What other advice do I have?

I would rate Microsoft Intune a seven out of ten.

Intune has helped us consolidate vendors. The consolidation has saved us on licensing costs.

We have 100 plus customers and a team of 20 people using Microsoft Intune.

It's important that Intune's suite is integrated with Microsoft 365, and Microsoft Security for both cloud and co-managed devices.

Intune does not require maintenance but we do need to monitor the status of our devices.

I recommend trying Microsoft Intune.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer961707 - PeerSpot reviewer
Enterprise Mobility Engineer at a computer software company with 11-50 employees
MSP
Offers ease of use but needs to improve the tunnel gateway
Pros and Cons
  • "I have seen a return on investment right from the start of the tool's usage."
  • "The tool's tunnel gateway is not very good, making it an area where improvements are required."

What is our primary use case?

My company has over 7,000 devices, including mobile devices, Windows, and Mac. The tool is only used to manage my team's mobile devices.

What is most valuable?

The solution's most valuable features are its ease of use and control of the MAM and MDM policies and configuration. The tool is straightforward and easy to use, while it also integrates with Azure. It has been a good product so far.

The tool has improved the way my team works as it is a cloud-based tool, so we don't have to manage on-prem servers. We also use apps on Microsoft Office 365, which is also one of the main reasons why we use Microsoft Intune.

I use the enterprise application management features of the tool, and my experience with it has been pretty good. Microsoft tells us that there are no bug issues with the updated versions or current versions, so there are no issues in the tool.

I use Microsoft Intune's Cloud PKI, and it helps manage the complexity of certificate management in infrastructure pretty well. There are no issues with certs or updating them.

Microsoft Intune has not affected my IT productivity, but it is not a very Android-friendly tool. We have had a lot of Android issues and compatibility problems with our VPN or tunnel. The tool is not very Android-friendly.

The maintenance of the tool is a lot less now for our company.

With the day to day device management tasks, the tool has been great, and there have rarely been any issues with it.

The mobile application management policies, specifically conditional access policies and app protection policies, are good features for managing diverse mobile environments. The DLP part is very strong.

What needs improvement?

The tool's tunnel gateway is not very good, making it an area where improvements are required. I wish it weren't so Azure's security group-based tool with which you can have local accounts. More personalization should be possible in the tool. One negative about Microsoft Intune is it acts too much as one of Azure's group-based products.

For how long have I used the solution?

I have been using Microsoft Intune for half a year. I am just a customer of the solution.

What do I think about the scalability of the solution?

I think the scalability is pretty easy and a lot easier to manage since we don't have to deal with the on-premises side. We use the cloud for extra storage, so it has been great.

How are customer service and support?

My experience with the solution's technical support has been very good, but for other teams, it has not been very good. I rate the technical support a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

My company previously had some on-premises tools, but now it is cloud-based, so we save all the money on the network infrastructure and data centers. We don't need servers or storage, and it helps us save money.

How was the initial setup?

When it comes to the product's deployment phase, I have taken part in the mobility side. In our company, we went through a migration, so there is always a lot of planning and testing and all that goes with it. Overall, it is fairly easy to use because it is deployed on a SaaS model.

The solution is deployed using a dedicated SaaS model. I think other teams have deployed it using an on-premises model.

The solution's deployment phase took a year and a half to test and set up everything. There was a lot of stuff involved.

What was our ROI?

In our company, prior to our migration, we already had Office 365 licenses, so it saved us around 4,00,000 for around a year.

I have seen a return on investment right from the start of the tool's usage.

What's my experience with pricing, setup cost, and licensing?

I don't really know how much it costs, as my company pays for a bunch of licenses. The tool is cheaper than our company's other MDM tools.

What other advice do I have?

My company has a few of Microsoft Intune's compliance policies that have helped us with some of the issues with sync interval with the compliance that we have noticed. The sync interval or the turnaround is not as quick as our company would like it to be currently. I understand that we can't control the sync interval.

I rate the tool a seven and a half out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Cybersecurity Administrator at a consultancy with self employed
Real User
I like how the solution deploys the policies and makes them customizable
Pros and Cons
  • "I like how Intune deploys the policies and makes them customizable. You can deploy it through Intune and forget about it."
  • "Sometimes, it takes time to synchronize the policies between the portal and the devices, you don't have a way to estimate how long it will take to deploy. You have some kind of gray area, where it can deploy in 30 minutes or three days."

What is our primary use case?

We use Intune as the MDM platform, and we used to deploy some products connected to Intune. 

How has it helped my organization?

Intune has improved productivity somewhat by connecting the AD with Microsoft Defender and the MDM because we can identify the Internet server. That's the main application or port over which we can manage our infrastructure. It streamlines device management. 

What is most valuable?

I like how Intune deploys the policies and makes them customizable. You can deploy it through Intune and forget about it. 

You can connect Defender for Endpoint to Intune and assign the client to start porting detections and alerts, creating a little security operations center. The integration is easy but tricky for someone who doesn't know how to use it. Once you learn to use it, it's a powerful tool that can condense most of your administrative tasks into one place

Integration with Microsoft 365 and security is critical if you have a Microsoft infrastructure. You want all the tools to be connected and exchanging data so that when you make a change or deploy something, you can make an informed decision and log the errors. You can avoid having different types of configurations and strengthen your policies. 

We've been using what they call conditional access in which we set up policies and apply them based on certain conditions and attributes. For example, you can apply some policies to company-owned devices and a different set of policies to devices for personal use. 

What needs improvement?

Sometimes, it takes time to synchronize the policies between the portal and the devices, you don't have a way to estimate how long it will take to deploy. You have some kind of gray area, where it can deploy in 30 minutes or three days. 

For how long have I used the solution?

I have two years of experience with Intune

How are customer service and support?

I rate Microsoft support nine out of 10. When we raise a ticket, they respond with a solution or guidance on how to fix the problem within 24 hours. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used VMware Workspace ONE and one other MDM. Based on my experience, I think Intune is the most robust because of how easily it can integrate with the other Microsoft tools. You won't need to deal with the process of connecting the Active Directory to Intune. Once you have your account with a subscription and a license, it will connect automatically, and you won't have a big problem with it. 

What's my experience with pricing, setup cost, and licensing?

Microsoft offers a license that lets you access all the tools. Purchasing that license will probably be the most cost-effective if you plan to implement a Microsoft-oriented infrastructure. It's cheaper than purchasing all the products separately. 

What other advice do I have?

I rate Microsoft Intune eight out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Microsoft Intune Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free Microsoft Intune Report and get advice and tips from experienced pros sharing their opinions.