Microsoft Intune Reviews

I used Microsoft Intune for compliance policies, configuration policies, and Intune enrollment.

We implemented Microsoft Intune to manage mobile devices in bulk and enforce management policies.

Intune was deployed in a hybrid environment. Devices were initially onboarded to Azure Active Directory and then enrolled in Intune. All devices originated from a local Active Directory.

Intune brought all of our endpoint and security management tools into one place. 

Having our endpoint and security management tools in one place saves time, and I have most of the information in one dashboard.

From an administrative and user standpoint, Intune offers a beneficial and secure user experience.

I have had a great experience with enterprise application management for app discovery, deployment, and automatic updating because it automates all the procedures.

Intune improved our data governance, security, central management, and policy application. I realized these benefits after two to three months of seeing how Intune works.

Intune effectively secures hybrid work environments and safeguards company data, especially on BYOD devices. Through Intune, we can monitor all devices accessing company data and manage them centrally, which is crucial.

Intune affected IT productivity in our organization by governing company data, securing global data, and saving time, all through central management.

It helped our organization save 50 percent of costs by integrating Office 365 and Intune into one license. We didn't have to use third-party software for mobile device management.

Intune helped consolidate vendors. This consolidation has dramatically improved our security posture.

The vendor consolidation helped reduce our licensing costs.

The integrated capabilities of Intune within the Microsoft 365 and Microsoft Security suites are essential for managing cloud and co-managed devices. They provide a comprehensive solution under a single license, eliminating the need to install agents from third-party vendors and saving significant time and effort.

The compliance and configuration policies in Microsoft Intune are the most valuable features, saving significant time compared to manual implementation. The security integration with Microsoft Defender is also valuable.

Although Intune is from the same provider, its integration with other Microsoft products, like Microsoft Defender or Microsoft Purview, could be improved. Regarding synchronization, there are occasional delays in updating a device's status. Integrating Microsoft products, such as Microsoft Purview, Microsoft Defender, and Entra, requires enhanced synchronization capabilities.

I have been using Microsoft Intune for almost three years.

I would rate the stability of Microsoft Intune eight out of ten.

I would rate the scalability of Microsoft Intune eight out of ten.

Intune has too many capabilities. Deploying it is not straightforward, but it gets easier once you understand how it works.

For 200 devices, the deployment took us almost three months to complete.

In conjunction with Microsoft Defender, Intune has significantly reduced our spending on third-party endpoint security solutions. For instance, we previously used Check Point, but after implementing Intune and Defender, we discontinued using it, resulting in substantial cost savings.

Our Office 365 Business Premium license, including Office 365 and Intune Management, offers excellent value.

I would rate Microsoft Intune eight out of ten.

I would recommend Microsoft Intune to others.

Intune offers a wide array of capabilities, and even after extensive familiarity with the platform, it's difficult to fully grasp its potential. To effectively implement Intune, it's recommended to conduct thorough research, primarily through online resources, to understand specific requirements and capabilities in advance.

A subset of our staff works remotely. We ship laptops directly to them from our vendor, and they complete the setup process using Microsoft Intune. This process has been working seamlessly.

Microsoft Intune has been a time saver and reduces the time and effort IT admins have to invest.

The user experience with Intune has generally improved since the retirement of the old Silverlight-based legacy portal.

Microsoft Intune's Autopilot has been nice to have. It provides a cloud deployment process where we don't even have to touch the equipment—it arrives provisioned and ready to go.

Historically, Group Policy has simplified the management of various items, such as printer and drive mappings and while Intune offers workarounds, it lacks native support for these functionalities. This is an area I believe needs improvement.

I have been using Microsoft Intune for about five years.

It is nice that we don't have to manage any local on-prem servers. Intune just runs itself.

It's nice that we can provision a bunch of equipment almost immediately without any hands-on involvement.

Microsoft support has significantly improved since we obtained the Enterprise Agreement. Previously, the support we received was not as satisfactory.

Neutral

We previously used SCCM to manage our devices but switched to Microsoft Intune to simplify cloud management when we transitioned to a remote workforce during the pandemic. We are pleased with the transition to Intune.

The initial deployment went smoothly thanks to our Microsoft Enterprise Agreement, which provided access to support and Software Assurance Training hours. The documentation was clear, concise, and easy to implement.

We implemented Microsoft Intune in-house.

Microsoft Intune's Autopatch feature has significantly reduced the time and effort required by IT administrators, resulting in a positive return on investment by streamlining patching processes and increasing efficiency.

Intune is included with our F3 and E5 licenses. However, some suite features should be accessible without additional cost, a sentiment widely echoed online.

We evaluated several solutions, including ManageEngine and Meraki, before ultimately selecting Intune, which was conveniently included in our existing licensing agreement.

There were some aspects that were easier in some of the competitive solutions, but we would have had to pay extra. It wasn't included, so we decided to go with Intune. And overall, as the years progressed, Intune improved some of that functionality.

I would rate Microsoft Intune an eight out of ten for scalability.

Our primary use case for Intune has been securing our desktops. We now also use it to secure our servers, which started about a year ago.

Before, we used to reactively track down issues and fix security holes. Now, we're more proactive, stopping threats before they occur rather than reactively removing them afterward. This change helps stop the spreading of security issues.

Intune's integration with Defender and other security solutions is valuable because it offers a view into different security vulnerabilities and enables us to secure them more effectively. It's easy to use. There isn't a huge learning curve. It doesn't take long to get in and figure out where everything is. 

The application management feature's automatic updates help a lot, especially when we need to push updated scripts and apps to our desktops. We can update quickly instead of getting everybody to download and install it. 

Intune's server management could be better. If it could incorporate more features from System Center into Intune's Configuration Manager, it would be beneficial.

I've been using Microsoft Intune for about seven years.

There are no problems with Intune's stability. 

Scalability is great. We've had no issues scaling it across different environments, managing multiple Office 365 tenants and servers with no problems.

We used System Center Configuration Manager before moving to Intune. It's essentially an upgrade that allows us to manage both desktops and servers.

The initial setup had some issues, primarily with understanding scattered documentation, but it was resolved without much difficulty.

We deployed Intune in-house with our internal IT staff.

We are saving at least two or three hours a day since implementing Intune.

I don't have any information on pricing, setup costs, or licensing.

We did not evaluate other options before choosing Intune.

I rate Intune 10 out of 10.

Our company has consistently used Microsoft products. As the mobile device administrator, I oversaw the transition from Workspace ONE to Microsoft Intune. This decision stemmed from a desire to reduce licensing costs by leveraging existing Microsoft licenses held by all employees, ultimately leading to significant financial savings.

Intune consolidates endpoint and security management tools into a single platform. This centralized approach allows for specialized roles while maintaining a shared understanding of the complete security solution.

Intune's overall user experience is good.

Intune's most valuable feature is its centralized management capability.

The enterprise application management system for mobile devices is effective for app discovery, deployment, and automatic updates. The automatic update feature functions well, eliminating the need for manual updates and individual prompts, which is convenient for both administrators and users.

Intune has made things easier for us because we are using Autopilot to build our laptops.

We've saved a lot of money by moving from Workspace ONE to Microsoft Intune for mobiles.

I've recently started using Microsoft Intune, specifically its mobile device management features. While both Intune and Workspace ONE offer similar functionality, I've noticed that Workspace ONE operates in real-time, whereas Intune has a noticeable delay when deploying policies or apps. The time we have to wait to deploy policies has room for improvement.

People using Intune for Windows deployment, etcetera, can get annoyed because of the Windows updates.

I have been using Microsoft Intune for three months because we've just moved over.

From a mobile perspective, Microsoft Intune has been stable.

From a mobile perspective, Microsoft Intune is easily scalable.

I have contacted technical support only once, and it was very helpful.

Positive

We used VMware Workspace ONE previously. The decision to switch and save on costs was made by the higher-ups.

I would rate Microsoft Intune nine out of ten.

I would definitely recommend Intune to a colleague. It provides a centralized platform for managing various devices, including laptops, desktops, and mobile devices, and seamlessly integrates with other Microsoft solutions like Azure and Active Directory.

We have a team that continuously works on solutions to make workflows smooth, like building laptops and ensuring deployments work smoothly.

Microsoft Intune is deployed across various departments and locations within our local government council. We have different physical sites and departments, and Intune is managed and implemented at the departmental level.

Our team is continuously developing solutions to streamline the laptop production workflow, including assembly, traffic management, and deployment. We also have a separate team dedicated to ensuring the process runs smoothly.

We are using Microsoft Intune for mobile device management (MDM) to provide context-aware access to the users. Mobile device management is what we predominantly use Microsoft Intune for.

Initially, the scope of Microsoft Intune was not too good because it could only manage certain endpoints such as laptops, desktops, and mobile devices. We initially had a problem with the servers, but they started supporting servers in the last three or four years, so now, it is good. It manages virtual machines and servers, both on-premises and in the cloud. It has improved and is still improving in a lot of areas. 

It provides group policies that we had in the early days of Active Directory. That is good when it comes to applying the policies to endpoints and servers from Microsoft Intune. Initially, we did not have all group policy settings inside Microsoft Intune, whereas now, we have patching and the ability to push the policies for antiviruses, etc. We can also handle mobile device management policies. Everything can be done via a single console. It is easily manageable, and we can have a single administrator to manage all the policies. We can have one or two administrators for backup. Traditionally, we had multiple administrators for each and every console. When you are a big Microsoft shop, it is easy to manage everything.

Microsoft Intune is good for a hybrid workplace. The conditional access policy is one thing that we can use for devices. For example, we can allow access to critical data only from corporate devices and not from personal devices even if someone is using the company account. We can go even more granular where someone can access the data but cannot download it to his or her personal device. Microsoft Intune is good for handling BYO devices.

It has had a good effect on our organization's attack surface. I would rate it an eight out of ten for that. We can implement rules for attack surface reduction. That is possible when devices are managed by Microsoft Intune. 

The IT productivity in our organization is far better. I would rate it nine out of ten for that.

Mobile device management is good. I am easily able to manage devices and assets, especially laptops and desktops. 

An important feature in Microsoft Intune is the Conditional Access policy, where I can provide specific access to a specific user based on geolocations, and there are multiple options inside it. Conditional Access is its best feature.

Its user experience is very good. I would rate it a nine out of ten for that.

For Windows machines, all the features are available within Microsoft Intune, but when it comes to Mac machines, it is still improving. It is not as good as Jamf. When it comes to customizable policies and other things in Mac machines, it is a little bit difficult. It is not as good as Jamf, but for Windows, Microsoft Intune is good if you have a good budget.

Its integration with Mac and Linux devices can be better. They should provide more features similar to Windows. We should be able to manage policies within Linux and Mac machines. If we can have more granular controls for these two operating systems, it will be really helpful. That is one area where they can improve.

When it comes to automatic updates, none of the vendors are doing it so well. The expectation right now is to have everything automated and automatically upgraded to the latest version of the software. The discovery capability of Intune is good because it is Microsoft. They can do discoveries based on their internal commands and other things and pull all the information into Intune. That is easy, but doing the upgrade of third-party software is a little difficult. It is evolving, but we cannot do the upgrades of all third-party applications. A financial or banking organization allows a limited set of applications to be used. For them, Microsoft Intune is better because when you have only 15 to 20 applications, you can easily upgrade them through an automated platform like this.

It is not similar to any of the PAM solutions. It is still in the starting phase. Other PAM solutions, such as CyberArk, can do remote session management. They can handle vaulting and other things. When it comes to EPM within Microsoft Intune, I do not know whether they are planning to go with the PAM or Privileged Access Management platform, but with the current solution, we can do user account management. We can do password rotations. We can add a new user, remove a user, and provide access to a particular resource for a user. All these steps are manageable and possible, but for Privileged Session Management and Access Management, it still needs improvement.

It is very important that the capabilities of the Intune Suite are integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices. The integration with the M365 platform, especially with Microsoft Defender for Cloud, Cloud Apps, and Endpoints, plays a big role. Intune can discover and find out the devices. The integration is still happening. It is not yet over. There is room for improvement.

I have been using Microsoft Intune for about seven years. I have been a customer for four years and then became a partner because I joined a new organization. This new organization is a partner of Microsoft. I have been with this organization for three years.

If there are any issues with Microsoft Azure Cloud, we may have issues or downtime, but they are rare. It is 99.99% available. Only if Microsoft Azure Cloud goes down, we have a problem. Otherwise, it is okay.

There are no issues with scalability because it is a cloud solution. It is automatically scalable.

If you are paying for support, you get good support. If you are not paying for support, you do not get support.

Technical support can be a bit of a problem when it comes to costs. They have a professional service and a normal service. With the normal service, it is difficult to find out answers from them because they are not experts. We only get experts with the professional service, so if we pay, we get support. This is something difficult for a small organization because they cannot always pay for support for every issue.

When you give a product, you should always provide good support. If you do not have technical people, what is the purpose of having a support team? It is useless. They should have at least one or two people who can technically help an organization.

We use different tools. We use Jamf for Mac and Ansible for Linux machines. We have not yet fully switched to Microsoft Intune for Mac and Linux. Very few Mac machines are with Microsoft Intune. Most of our Mac machines are still with Jamf.

Companies that are using Microsoft products go for Microsoft Intune. However, when people have more Linux or Mac machines, they do not choose Microsoft Intune for their organization. We recommend a solution only after knowing the expectations and use cases of a client. Small companies do not prefer Intune because they can have JumpCloud. Small companies with less than 500 users can also go for Google Workspace. For companies that already have a Microsoft license such as E5 or O365, going for Microsoft Intune makes sense.

Microsoft Intune improves the security posture, but because of the budget and other constraints, organizations can start looking at other vendors.

It is not complex when it comes to Windows machines. It is straightforward, but when it comes to the other operating systems, it is complex. It is not easy.

The number of people involved depends on the users. If you have 1,000 devices, for Windows machines, you do not need more than three or four people. However, for 1,000 Linux or Mac machines, you would need a ten-member team.

The maintenance is easy. You do not need extra people to manage Microsoft Intune because it is a cloud service.

I am using E5 security and compliance. It has all the Intune options and security and compliance subscriptions, so I use the full suite of Intune except the EPM module. We have not yet started using the Endpoint Privilege Management module. It is a small add-on that we have to use. Other than that, we are using everything.

There are other tools that give a similar approach but are not as good as Microsoft Intune. In terms of cost, it is more expensive than other tools like JumpCloud, Google Workspace, etc. There are multiple tools like this. Only if you are a Microsoft shop, I would recommend going for Intune. Otherwise, use some other tool and manage the organization.

Its licensing model is not complex, but it is very expensive compared to other solutions. They can bring more models and reduce the pricing. They should allow customers to select the features they want and price it accordingly. That would be a better option because not every organization needs conditional access or an antivirus solution. Some organizations that use Intune might use CrowdStrike, so they do not need Intune policies for antivirus. It would be better if they could bring more plans.

I would advise to not look at the cost first. Instead of the cost, look at the features and then list down the use cases for your organization, and then go for the consolidation of the tools. Microsoft Intune can give you a lot of features, but whether it is suitable for your organization or not is the main question. List down the use cases and then assess Microsoft Intune because it can give a lot of features that you do not want, but you cannot omit them while buying it.

We are not using Advanced Endpoint Analytics because we have Sentinel and Chronicle SIEMs in our organization. We also use SDR platforms, so we are not using Microsoft Intune for any of the analytics. We are also not using Microsoft Intune Suite's Cloud PKI.

We started using Microsoft Copilot for a small organization. It has only been two months. We are building the use cases for that organization. They have purchased the licenses, but we are building the solution design and use cases for that particular organization. They want to automate most of the things, identify the non-compliant devices, and automate whatever they find non-compliant. Our aim is to identify non-compliant devices, do some automation, and block them from accessing any of the critical data inside the organization, but we do not know if Microsoft Copilot can do that.

Overall, I would rate Microsoft Intune a nine out of ten.

We use Microsoft Intune for both application management and deployment for new users. Applications are packaged within Intune and then deployed to the end user's machines or devices, specifically targeting designated user groups.

Intune allows us to manage all our devices from one location.

The ability to manage all our devices from a single platform has significantly enhanced our security and IT operations. Previously, we relied on multiple applications, such as Ivanti and SCCM, to manage devices and security.

Intune is easier to use than SCCM. As a SaaS application, its services are GUI-based, simplifying its overall complexity.

We use Intune's advanced endpoint analytics to report the number of compliant devices, apply remediation, see the reasons for non-compliance, and track the number of BYOD devices. We can integrate third-party tools like ServiceNow if we need reporting or analytics that are unavailable through Intune.

Copilot's integration with our teams and Outlook has streamlined our workflow. It simplifies tasks like drafting emails and creating Word documents or PowerPoint presentations by providing helpful suggestions. Additionally, Copilot's independent profile allows us to reference documents from our OneDrive and seamlessly incorporate them into our emails. We can even leverage Copilot to reference Intune and integrate it into our various cloud data. Although Copilot is still in its early stages, its potential is evident. As we continue to use it, it will gather more data and refine its capabilities, offering even more features and benefits to end-users. Currently, we primarily use Copilot for drafting emails, creating presentations, and similar tasks, but its future applications are promising.

Intune helps protect data on both corporate-owned and BYOD devices in hybrid work environments. Devices can be registered through the company portal, and Intune can restrict their access to local storage, preventing unauthorized data downloads.

The endpoint privilege management feature helps restrict users' access. For instance, if they are accessing Outlook, they should not be able to access their local drives, preventing them from uploading or downloading anything from their corporate email. This feature enables those types of security settings.

Intune has significantly improved our productivity. Thanks to Intune and Autopilot, tasks that previously required four to five hours of IT effort can now be completed in just one hour. This translates to a 75 percent increase in IT productivity.

Intune has significantly reduced costs from a resource perspective. Thanks to Autopilot, scripting, and automation within Intune, a junior person can now complete tasks that previously required two engineers. This efficiency has resulted in a 50 percent cost reduction.

Intune has allowed us to consolidate other tools, such as SCCM and Jamf, reducing the need for additional licenses.  

The automatic patch management feature in the Intune Suite is helpful.

Intune has all the features enabled for Windows devices but needs to be improved on iOS and Apple devices. 

I have been using Microsoft Intune for one and a half years.

The response time from technical support has increased over time. Contacting their support remains straightforward, but while we used to receive a response within one hour, it now takes three to four hours for a Microsoft engineer to respond. The quality of their response has stayed the same.

Positive

Before implementing Intune, we used SCCM. We switched to Intune because of their advancements. We still use SCCM exclusively for server-related deployments, managing server-related applications, and patching. Everything for end-user devices has been moved to Intune. As for other similar tools, Jamf, which we used for iOS device management, can now be retired or decommissioned from our infrastructure since we can also manage iOS devices through Intune.

The deployment of Intune is straightforward, as it's a SaaS-based application. We set up our Intune connector and Azure Active Directory or the Azure AD Connect server to synchronize objects to Azure. Once that's done, we can manage our devices through Intune.

I rate Microsoft Intune nine out of ten.

The integration of Intune Suite with Microsoft 365 and Microsoft Security is included in our E5 license, providing us with the Intune license at no additional cost. This eliminates the need to purchase a separate Intune license, saving us money and streamlining our licensing.

Intune is a tool for managing configurations and policies for devices. It has additional benefits like monitoring and enforcing security measures. It helps us ensure that the devices we provide to our users are perfectly controlled so that data isn't leaking. For example, I can enable BitLocker to encrypt data on all employee devices. All laptops in the organization require antivirus software. Any laptops without antivirus are non-compliant, so I can block them in Intune. 

I can also use Intune to lock down specific activities on mobile devices. When people access their email, Microsoft Teams, or OneDrive on their mobile devices, I can enforce a policy that prevents them from copy-pasting data from the corporate email address mailbox to their phones. I can also block screenshots. 

We have nearly 100,000 users across multiple locations. That's one benefit of Intune. We can cover devices at several locations with a single cloud-based solution. 

The great part about Microsoft Intune is that we can target for Android/IOS/Windows devices with full control. We can also enroll Mac and Linux OS and enforce certain configurations and get compliance reporting. This provides us a key criteria for zero trust deployment model.

And now we have the option to integration of Ms Intune to MAC JAMF with API integration which makes the life simpler

And administrative Units helps a lot in scoping the device and providing the delegation to the required administrators which creates a very good RBAC management as well.

Intune is a cloud-based solution, so we avoid many of the headaches associated with on-prem maintenance like for example SCCM which was doing this job in the past and we need frequent patching and maintenance as well. Because Intune is a cloud-based solution whereas SCCM depends on on-premises technology to function, Intune has a simpler architecture with more options on MAM, reporting, security & MDM. We always get the latest security features and enhancements from Microsoft with the cloud-based solution Intune.

Intune allows you to create policies for managing mobile devices and mobile applications. Mobile application management targets and protects only the application. It will create a container for your application on the mobile device, securing the container and application. Mobile application management allows you to set limits on what employees do in specific applications that contain corporate data, such as Microsoft Outlook.

Intune device restriction policies enable me to enforce limitations on the device, like blocking the mobile camera or restricting the employees from using and inserting USB devices, including thumb drives and flash drives.

Intune's reporting and logging could be improved. When troubleshooting, it's difficult to collect the logs and determine what's happening. If I want to filter out the compliant devices, I can see it from the logs, but I would like the option to drill down further. 

I select one device, and Intune tells me it's non-compliant. I click on it, and it tells me the antivirus service is not running. It should provide some additional information. When did the service stop? Did the service start in the first place? Intune's internal graph API should also be improved because that is where we can apply commands. 

I've been using Intune for the last six years.

As stated the solution is very stable because there is 24/7 monitoring of the core component by Microsoft Monitoring Team. 

Microsoft Intune can scale easily since it's a cloud-based solution and we need to procure only licenses per user and no need to worry about maintaining the backend core component because it's handled by Microsoft.

I rate Microsoft's support a seven out of ten. Support is one area that requires massive improvement. In most cases, the frontline engineers collect the logs. After they review the logs, they will find the person who can help us fix the issue. 

Neutral

We previously used Microsoft System Center Configuration Manager, Microsoft's on-premise configuration management solution. We switched to Intune because we purchased an EMS E3 license that covers Outlook, Teams, Intune, etc. 

Ultimately, it comes down to costs. We don't need to spend money on SCCM licensing, and we get better cloud-based monitoring and reporting than SCCM. Most people prefer to move to Intune because they get some additional features included for free when they buy the EMS E3 license from Microsoft.

Setting up Intune was initially complex because we need to migrate everything from SCCM to Intune. If you already have your policies and configurations worked out on-prem, it will be the same once you move to Intune, and you'll see a massive improvement in configuration, compliance, reporting, and mobile device management.

The return on investment is that I have a better way to secure my devices and make them compliant. 

Intune's pricing is competitive. For example, the license of Blackberry's Enterprise Mobility Suite was costly, but Intune is affordable. It is included as an additional feature when you buy security enhancements for your organization. For example, let's say I have fifty users in my organization and all of them are using Microsoft cloud services, like Teams, Office 365, and OneDrive. 

In order to protect this, I'm going to buy the EMS E3, which includes security and also the option to utilize Microsoft Intune. I don't need to buy an additional license for software and device management. I can do all of this with the same license I bought for Microsoft security.

I see a significant gap between Microsoft Intune and products by other vendors. We were using SCCM on-premises, but Microsoft Intune added monitoring and security features, so we didn't see any suitable alternatives. 

I rate Microsoft Intune a nine out of ten. Before deploying Intune, you must understand your current setup and security needs. If you're only looking for a security solution, you can deploy Microsoft Defender for Endpoint. However, Intune is ideal if you want a more comprehensive security solution that covers configuration and compliance management. You need to understand the gaps in your current solution and what you want to overcome. 

I'm an IT manager contracting with a European company. We had to onboard Windows machines to the Azure AD, but they did not have an on-prem AD. I prepped the Azure AD on the cloud, and I started to migrate the laptops to Azure AD. 

Once that is done, we need to apply policies, but group policies will not run from Azure AD because there's no on-prem AD to derive the policy from. Intune comes in handy there. It has multiple capabilities. You can create your configuration profiles in Intune that apply to Windows and Mac. You can create security profiles and configuration profiles, and you can apply browser settings to some extent. It isn't a small tool in terms of size or breadth of capabilities. It's very capable. Anybody who has used SCCM will see a lot of similarities.

Intune has many components that replace third-party products. For example, Intune creates an inventory of each machine. Otherwise, I'd need a third-party asset management tool. Intune can also tell me which users are accessing a given machine because it's integrated with Azure AD.

It's easy to deploy a configuration or policy to a system, especially when you don't have Azure AD. Now we are talking to all these small and medium-sized customers who don't necessarily have an on-premise Windows Active Directory. If they have invested in Office 365 Premium, this functionality becomes available to them.

That's considerable savings because you get Intune with Office, and you're getting slightly more advanced Azure AD capabilities. They also get MS Defender, which is there on the Windows client. This March, Microsoft introduced Defender for Business. They activated the business subscription with the Office 365 Business Premium subscription. If a customer is looking for an antivirus solution with a centralized capability, the product is already there. 

Intune allows you to control the policy if you want to control hard drive encryption. We have third-party tools in the market that we used to invest in. Today, we have Windows-native BitLocker, and I can use Intune to manage that BitLocker encryption.

Intune can set policies on each machine. I can create rules and apply them to individual machines. It's much easier than using the Azure AD system.

Reporting in Microsoft solutions is pathetic. With Intune, I'm getting a free inventory tool, but I don't get a reporting tool. When I go to Intune, I can see one machine's entire data in terms of the hardware and the software running on it, but I cannot generate a report for all the machines in the organization. The reporting is the only feature holding back the functionality that is already there. 

All the other third-party tools are doing the same thing, whether Atlassian, ManageEngine, or Ivanti. They all install an agent on your system. Intune also has an agent on your system collecting inventory details and sending them across the central console, but Microsoft doesn't have the reporting capability there. That is the only drawback I see.

I started using Intune last year.

Intune is perfectly stable. We've had zero downtime.

Intune will scale because it's a cloud system. We are not installing anything. It's a Microsoft service. I have it running on around 200 machines.

I rate Microsoft support nine out of 10. In the past year, I've made 20 or 30 support requests on the Intune platform. Each time, it has been smooth. Usually, they sort the problem out on the first try. Once, the ticket was open for about two weeks because they had to do some backend testing on their side. 

Positive

I have used ManageEngine from a company called Zoho Corporation to do inventories and patching. Microsoft Intune lacks capabilities to patch Windows, Office 365, Acrobat Reader, etc. There is no way for me to apply and manage patches. I can create a patch configuration, but I cannot control when it has to be deployed and on which machines. If Intune adds patching, I don't need to invest in another patching tool.

Setting up Intune is pretty straightforward. There may be a few bumps in the road, but you shouldn't have much trouble if you're a system administrator or a pure IT guy. I did it by myself, and it took about two hours. You have to do the basic configuration. 

For that, you need a bit of reading to understand how your configuration is working within your overall setup. Once you do the necessary tweaking, Intune is up and running. After that, you create policies and do a test run on one or two machines. Once you verify that everything is working fine, you deploy it all. 

If you're not a techie, I could guide you step by step. It's as simple as that. After deployment, Intune doesn't require maintenance because it's a cloud product. 

We've seen a significant return on the investment. Otherwise, I would have to invest in a regular Windows Active Directory. If I were running Office Standard, which lacks this feature, I would have to buy something like Intune and pay for it annually.

Plus, I have to manage another product on the desktop. For example, if you're using a VPN client, the VPN client has to be installed and requires maintenance if something goes wrong. I don't have that maintenance cost because it's part of the Windows operating system.

We don't pay for Intune because it is bundled with the premium subscription to Office 365. It includes Intune and Defender. I don't have to buy two extra products to manage my enterprise.

I rate Microsoft Intune eight out of 10. Some functionality needs to be improved, but I believe Microsoft is working on it. They're developing the tool, and those features will be added, but I will give it an eight today.

If you're thinking about implementing Intune, you should look at what you already have in place. For example, if I wanted to bring my laptops onto Azure AD, Azure AD will do the job for me, so I don't need to invest in a regular Active Directory server.

Either I buy the server and run it on the cloud or I upgrade Office and Business Premium gives me all of the features. Business Premium is the top license. You have Business Basic, Standard, and Premium. The Enterprise equivalent is E3 and E5. 

The Business Premium is equivalent to E3. There is a limit on the number of machines. Per Microsoft's licensing model, you can do up to 300 machines on Business Premium. At 301, you have to switch to an Enterprise agreement.