What is our primary use case?
You can use Intune to manage devices for any size project, from a small business to an enterprise-level project. You can manage hundreds of thousands of devices. Intune can manage on-prem and cloud services. We are working with large enterprises mostly.
How has it helped my organization?
Intune encompasses all devices, applications, and policies that can be deployed within an organization through a single portal. In the event of an outage, it simplifies the management and resolution of issues or policy adjustments. It allows for the management of security profiles, applications, and devices from one portal across any operating system platform.
Consolidating everything in one location enhances the efficiency and productivity of IT administrators. Since adopting Intune, our IT team's productivity has increased by 20 to 30 percent. Additionally, the integration of Copilot has further improved our efficiency by 5 to 10 percent.
However, there are exceptions. Certain applications cannot be deployed easily via Intune. Win32 deployment is necessary for these, which can be challenging as it demands extensive testing to release a custom package from Intune. More innovation is needed to deploy custom applications, which would greatly benefit us. For most enterprise scenarios, application deployment is relatively straightforward.
Hybrid environments call for innovation, particularly with hybrid enrollments using GPO. While most autopilot hybrid scenarios and co-management run smoothly, I have encountered issues with hybrid GPO enrollments due to their complexity.
Intune is a leading secure solution in the Indian market. It allows the creation of any conceivable security policy. With the addition of
Purview and
DLP modules and integration with
Microsoft Defender for Endpoint, security has never been a concern, and our security posture is nearly impeccable.
Intune has also facilitated vendor consolidation. It is our primary recommendation for an
MDM solution because it offers the productivity and features that would otherwise require integration of multiple solutions from other vendors. The industry is now transitioning from on-premises Intune to cloud-based management.
Intune enables the deployment of any security solution. Although it does not integrate, it allows for the deployment of a wide range of security measures.
What is most valuable?
I appreciate how Intune consolidates everything in one location. For instance, it allows the setup of conditional access for applications and devices directly within Intune. The segregation feature within Intune devices is also beneficial. Devices can be categorized by Windows, iOS, iPadOS, macOS, and Android, and sorted by platform, eliminating the need to navigate the devices section.
The app management feature has seen significant improvements. Initially, navigating the app section was quite challenging, but now, all my concerns have been addressed. It's possible to deploy or manage any application, with reports and app-protection policies accessible in the same section, which is quite convenient.
I would rate the user experience at nine out of 10. Having utilized various
MDM solutions from Microsoft, Cisco, and VMware, I find Intune to be superior. We employ
Microsoft Defender for Endpoint and
DLP policies in
Purview, along with multiple security policies such as baselines and
BitLocker for encryption. This integration simplifies the administration of security features from other tools in one place.
The most sophisticated analytics we've utilized are group policy analytics. As a consultant, I often handle multiple migrations, primarily from on-premises to the cloud. Group policy analytics are particularly useful in these scenarios as we migrate on-premises policies. If Intune lacks support, we must either start anew or seek alternatives.
Copilot is beneficial as it supports various CSPs or policies. Despite extensive use, one cannot be fully versed in everything about Intune. Whenever there's confusion, Copilot is a valuable resource to clarify and ensure the feasibility of creations within Intune. Copilot assists in profile creation and assignment considerations.
My perspective on tools like Copilot is that they are artificial; the intelligence aspect is still emerging in the AI industry. Nevertheless, Copilot is a well-maintained and informed tool.
What needs improvement?
Microsoft currently restricts deployment to PowerShell or XML scripts, so it would be beneficial to support additional scripts such as command scripts, C languages, or TypeScript to enhance systematic compliance.
While the UI has been updated, it could be made more accessible. Navigating to a specific section in Intune requires multiple clicks through different areas before arriving at the intended destination, indicating the UI could benefit from further improvement.
The process of application discovery and deployment is relatively seamless. Nonetheless, there is room for enhancement in the reporting aspect. Intune still lacks comprehensive reports, and notably, its failure reporting does not succinctly communicate the full extent of an error.
For how long have I used the solution?
I have used Intune for more than six and a half years.
What do I think about the stability of the solution?
I rate Intune 10 out of 10 for stability.
What do I think about the scalability of the solution?
With Linux and Chrome OS now supported, the scalability has reached 100 percent. Every device or endpoint operating on our OS can be enrolled in Intune.
How are customer service and support?
I would rate Microsoft support as four out of ten. Support is an area where Microsoft could significantly improve. I had an issue with Microsoft Azure recently, and after raising a ticket, it took two and a half weeks to receive a response. There is a need for enhanced support across all their product offerings.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We have utilized Cisco Meraki, VMware Workspace ONE, and Jamf for managing Apple devices. However, Intune stands out among these options because it overcomes application deployment limitations that others have. While some support only Apple or Windows devices, Intune excels in compatibility, supporting Android as well. Moreover, Intune can implement more security policies than any other MDM solution available.
How was the initial setup?
Hybrid enrollment is typically complex, yet cloud autopilot simplifies the process considerably. It's possible for anyone to grasp cloud deployment within five to ten minutes. While the most intricate enrollments, involving thousands of devices, may take two to three weeks, a cloud-based deployment can be accomplished in approximately one week.
What about the implementation team?
This was completely in-house.
What's my experience with pricing, setup cost, and licensing?
Intune is considered moderately priced. It is available as part of a bundle with Microsoft 365 E3 or E5 licenses. While the E5 licenses are somewhat costly, Intune offers some more affordable solutions.
Which other solutions did I evaluate?
Yes, we evaluated Cisco Meraki and VMware workspace One.
What other advice do I have?
I give Microsoft Intune a rating of nine out of ten. Intune stands out as one of the top solutions in the market, and its capabilities are expanding with the integration of cloud PCs, Chrome OS, and Linux systems. For any large enterprise, I endorse both Intune and Defender.
The recent CrowdStrike outage, which is the largest in IT history, affected only systems without Microsoft Defender but with CrowdStrike. This incident underscores the importance for enterprises to transition towards deploying Intune and Defender for enhanced security.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner