What is our primary use case?
We support other companies in managing their devices. Right now, we have multiple projects wherein we are only utilizing the Windows aspect of Intune, but for some of the other organizations, we are utilizing Android and iOS features. For most of the projects that I am working on, the use case is autopilot enrollment, and for iOS, it is through ABM.
One of the most common requests that we get is that most of the users are still on-prem. They need to be moved to the cloud, but they do not want to lose the data on-prem. The basic request that we get is to get co-management enabled for on-prem and the cloud for managing devices. The basic request from every organization I have worked with so far is to get a hybrid or the same management scenario. This is what we utilize Intune for.
How has it helped my organization?
All the device information is available in one place. We can see which profiles are being used and other things. If I want to get any information about a device, I just have to select it, and it shows me everything that I want about the device.
As an admin, we have different privileges to a user. In terms of user experience, it is quite easy. It is easy to understand. They have been making a lot of changes to the layout and the categorization. It is much easier and user-friendly. Overall, it has been a pleasant experience to use the portal. Everything is categorized in such a manner that it is easy to understand and navigate.
Advanced endpoint analytics are certainly used in almost all the projects that I have worked on because the security baseline is a very crucial part of configuring all those things in one single place. Apart from that, other profiles are also configured.
It is quite handy. For the general device configuration, we might have to create multiple profiles for different things. When it comes to the security baseline, multiple components are configured into a single policy. That makes configurations easier to handle and easier to change in the future if required. One thing about endpoint analysis that can be an issue is that there is an imprinting policy. Sometimes for some of the components, even if I change the policy, it would not make the change in the device. The policy gets tattooed on the device.
The Cloud PKI helps manage the complexity of certificate infrastructure. It makes work much simpler. The configuration that needs to be done is much simpler.
It makes application deployment and management easy on a device. It is easy to get them packaged and pushed out. Applications are available in the first sync itself. It is pretty easy to do that with Intune.
In terms of integration, so far, we have set up co-management features with SAPM, and it has been going well. The settings are pretty easily understandable. We can do them easily. The setup is smooth. In case of any issues, the logs and troubleshooting are very simplified. It gives pretty accurate information. The APM portal can also be very easily configured. The steps about what to do next are available in the Intune portal itself. It works well with other consoles.
I would assess Intune highly for securing hybrid work and protecting data on company and BYO devices. I would rate it a nine out of ten for this.
As an admin, Intune has made life much easier. Any information about a device is available in one console. We do not have to navigate to multiple portals to see what is going on. The console gives us the answer. Intune gives us information about the error and the possible reason for it to happen. We can see the device status and whether it is syncing. Everything is available in one single source. As an admin, it makes my life easier.
Intune has made the transition from on-prem to the cloud a smoother and simpler experience. We do not even have to make a complete transition. If we want to set up co-management where both of them are in the picture, Intune does a great job in helping out the admins to manage those devices.
What is most valuable?
In the recent upgrade, I feel the portal has become much more user-friendly. The navigation, the keys, and the settings are easy to find. It is easy to understand. As compared to the previous versions or SCCM, it is very handy. Apart from that, we have many configuration profiles. They have been introduced over the course of time. We had put in the request for them. Some aspects that were not available previously are available now. It keeps improving over time, which is beneficial.
What needs improvement?
Reporting needs to be better. Sometimes, it is way too slow, and it is not even accurate. Reporting is one aspect about which we have received a lot of complaints. As an admin, I cannot rely on its reporting.
Another feature that can be improved is audit logs. There should be more details in the audit logs.
For how long have I used the solution?
We have been using it for almost four years.
What do I think about the stability of the solution?
I would rate it an eight out of ten for stability. I do not believe that any product is completely stable given the fact there is always something new that comes into the market, so it has to go through changes. You never know what those changes might be and whether a release is compatible with certain devices, etc.
What do I think about the scalability of the solution?
We have more than 100 users. Our clients are large enterprises.
How are customer service and support?
We have had a mixed experience. Sometimes we get an engineer who is extremely aware of what is going on and is very quick with the resolution. We get an answer quickly, and the ticket gets closed quickly. However, sometimes we get an engineer who prolongs the case to an unnecessary time frame. We might get an email in six to seven days. We need to keep chasing them about the update. Their support can be improved.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I have worked with SCCM which is a Microsoft product. I have not worked on any other similar solution.
How was the initial setup?
We have a combination of cloud and on-prem. We do have GPOs in the picture. We also have cloud users. We have Windows 365 devices. It is a combination of both so far.
Its deployment is pretty straightforward. They provide the details or info in the portal itself, so it is not very difficult. You do not have to go searching for the information.
The initial setup does not take time. Setting up an account for the organization rarely takes five minutes or so, but the time taken for doing the setup for the entire organization, which includes setting up policies and other things, would vary. It depends on the number of activities that need to be performed.
It does not require much maintenance from our side. Over time, they provide new releases that fix the issues that have been stated in our health control section.
Which other solutions did I evaluate?
Based on the features that it gives, it is cost-efficient. It is not necessarily on the expensive side of the scale. It provides a hefty number of features that any organization would want. It is in a good price range.
What other advice do I have?
Intune does not necessarily bring all of the endpoint and security management tools into one place because there is a role of connectors in Intune that need to be enabled in order to get other accesses. Things like Defender, Compliance, and Purview need to be managed in the device in itself. I do not necessarily see it bringing everything into the same picture, but it does act like a mediator with those connector options.
With the projects in hand, we are mainly focusing on applications and Windows. I have not had an opportunity to explore it much when it comes to iOS and Linux. We are not using the Enterprise Application Management features of Intune Suite. We have done the configuration via Azure.
We are testing out Microsoft Copilot in Intune. We have not had many opportunities to use it.
To a colleague at another company who wants to know what I think about Microsoft Intune Suite, I would say to definitely go for it. I have seen multiple portals, and Intune goes way far. In terms of features and interface, Intune is much superior to any other console that I have seen so far. It is easy. It has many configurations. It is easily understandable. Everything is good about it, and it is growing with time. Within a span of a few months or weeks, you might see a new update, a new configuration profile, or a new system that could be managed. Some kind of new feature is always coming up.
I would recommend Intune to others. If anyone comes to me with any questions or concerns, the first thing I ask is how they are managing their devices. If they are using anything apart from Intune, my suggestion is to use Intune.
Overall, I would rate Intune a nine out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Intune is really the best option for SMEs for MDM (Mobile Device Management), particularly for BYOD devices, but also corporate devices - and development in the technology means that it's pretty much now a strong option for enterprise deployment to corporate devices.
Deployment has its challenges - but now with Cloud provisioning - Intune management and deployment are becoming more straightforward.
Intune is essential for enforcing policies such as screen lock and MFA.
If you use Microsoft Authenticator - it's worth doing user awareness training around the design flaw below:
https://www.linkedin.com/posts...;