Microsoft Intune Reviews

We are using it for software deployment. I am able to push any software within minutes. For example, if I want to install Google Chrome for all the users, I can push Google Chrome through Microsoft Intune. Within five to ten minutes, all the users will have Google Chrome. 

We also use it for device management. We can easily register a device. It is very easy. It is helpful for BYOD.

I am happy with Microsoft Intune because Windows updates are easy. There is no need for SCCM. You can push an update, and wherever a system is available, it gets updated. Windows updates are very easy with Microsoft Intune. For Windows systems, endpoint management is very easy with Microsoft Intune as compared to other technologies.

It is user-friendly, and the performance is also good. It is a convenient product.

Sometimes, updating a client policy is very difficult. This needs to be improved.

Their support also needs improvement.

I have been using Microsoft Intune for about three years.

It is very difficult to get support from Microsoft. They are not able to troubleshoot some of the issues. They have support, but it is very difficult to get support.

We were using the SCCM server. It is a Microsoft product.

It is easy. It is not difficult.

It is cheap, but as compared to Google, it is costly. Google is cheaper, but quality-wise, Microsoft Intune is better.

I would recommend Microsoft Intune. It is a good product. 

I would rate Microsoft Intune a seven out of ten.

We typically use Intune when we have workstations that we want to manage, but we do not want to connect to our legacy Active Directory. We use a combination of Intune and Azure Active Directory.

Intune is able to put together compliance and safety checks for our endpoint devices, but it is one of the protection or security solutions. We need to use other solutions as well to completely manage the security, such as Microsoft Defender or a third-party endpoint antivirus solution. Intune definitely helps with protection, but you need to make sure that you have your endpoint security software installed. Intune provides good visibility into which devices comply with your company standards and which ones do not.

Intune more or less provides full endpoint visibility and IT control across device platforms. It simplifies my work because it is easy to view which devices are compliant and which ones are not. All you have to do is establish or configure your company's device policies, and then from there, you make sure that you assign those policies to users. Intune is able to gather information about who is compliant and who is not. It saves time on security management and administration. The administrator does not have to go through all of the company devices deployed throughout the organization. It definitely saves time.

Users have a better experience because they do not have to do anything on their end. Everything is pretty much handled at the back. When they sign in to their computers, Intune kicks in, and they do not have to do anything for software deployment. It just takes a few minutes for the software on their devices to download. All the software is deployed by Intune based on their profile. It takes a few minutes. The users are happy with it because they are able to proceed to work without having to call the IT help desk to get assistance. For security and management, such as updating machines, they have control over when they can do the restart. They appreciate that their machine is being updated and looked after by the IT group. They see that policies are made personal, and they are able to seamlessly download the updates on computers.

Users' access to the company data through personal devices became more secure. It helps to segregate data from their personal devices or applications.

Intune has improved productivity. It has probably reduced the risk of security breaches by 20%. It cannot completely mitigate possible breaches in the company, but it improves the security posture for the devices being used by the users. A significant percentage of breaches rely on the users and user behavior. 

It helps us save costs, but I do not have any data. Security breaches cost a lot, and if it is able to mitigate a security breach, we have saved the cost of that breach.

The policy and compliance monitoring of devices and the software deployment are most valuable.

We have a bird's eye view of what is happening on the endpoint.

They should improve its compatibility with other operating systems such as iOS and Linux. It supports Linux but they still need to work on the iOS part.

I have been using Intune since 2019.

I have not worked with any other solution recently. 

It is easy.

We have seen an ROI.

It is reasonable for the features it has.

If you are just running Windows, it is very good. It is tightly integrated with Windows. Microsoft gives Windows users quite an experience. If you decide to deploy it for Windows, it allows you to take away the old Active Directory, and just rely on Azure AD. All of the policies and other configurable items are in there to manage security on your local machines. Of course, there are some caveats between the two, but security-wise and endpoint management-wise, it takes care of Windows from authentication and onboarding to software deployment and updates. I have very good experience using Intune with my Windows machines, but for other OS, it still needs to be improved.

I would rate Intune an eight out of ten. It lacks features for managing operating systems other than Windows.

When we develop, it's used for multiple different solutions. It could be anything, such as a portal, field services, web development, web apps, and lots of other different things.

For me, there are many strong points in the solution. Firstly, the skills are readily available. That's one of the things. There's a lot of Microsoft expertise in the market. 

Also, they've invested a lot in their software and continuously updated it. So I think those are the things that are very important to us.

There is room for improvement in integration and security as well. Those are areas that clients are always concerned about.

So, in future releases of the product, I would like to see better integration as well as enhanced security.

I have been using Microsoft Intune for seven years now. We are dealing with the latest update of Microsoft Intune. We have started working on it, and our developers and other personnel are currently getting certified for it.

It is a stable solution. I would rate the stability an eight out of ten.

I would rate the scalability an eight out of ten.

We have over a thousand endpoints using Microsoft solution.

Customer service and support are helpful and responsive.

Positive

If you've got the right skills, the initial setup is not that difficult. It is very quick to set up. It doesn't take long. 

Some customers have benefited from it.

We work with all Microsoft products,  like .NET, and a lot of development around those areas. 

Another one, Arc Systems, is a current platform that we use.

I would recommend using this solution. Overall, I would rate Microsoft Intune an eight out of ten. If they could make the integration a lot easier, it would be better.

One plan that we are currently testing for the near future is related to our BYOD fleet. Instead of opting for MDM, we have decided to use Microsoft Intune to manage access to our company through BYOD. Moreover, we plan to use Microsoft Intune to perform autopilot PC deployments in the near future.

We had two distinct issues we needed to resolve with Microsoft Intune for two different use cases. Firstly, for the BYOD scenario, we needed Intune to ensure a sufficient level of security while enabling users to bring their personal mobile devices. Secondly, we aimed to automate PC deployment, even when users are not connected to the network, due to the COVID pandemic and the increase in remote work. Currently, to reimage a machine, users must be on the network. Our goal is to enable them to reimage their machines from home, using autopilot.

We found that Microsoft Intune met our expectations for the BYOD section, and we are optimistic about its potential for PC deployment through autopilot. The main advantage is that Intune performs its intended functions effectively.

As a Microsoft 365 user, we found Microsoft Intune to be a practical choice since it was already included in the bundle. The solution was effective, so we didn't need to look for other options or invest in additional tools. Intune performed the necessary tasks efficiently, making our decision straightforward.

The UI is not user-friendly and has room for improvement.

I have been using the solution for four years.

We have not had a single outage in the last four years. Microsoft Intune is extremely stable.

Microsoft Intune is auto-scalable in the cloud.

The initial setup was straightforward. The deployment required two people from the third party and two of our architects, one for security and one for the network.

We used a third party and our architect for implementation.

We have seen a return on investment because we were able to quickly deploy and start using Intune.

Intune is included in the Microsoft 365 licensing package that we have.

We assessed VMware and found its MDM to be promising. However, since we were already utilizing other Microsoft solutions, and Intune was capable of meeting our requirements, we did not require further evaluation of additional solutions.

I give the solution an eight out of ten.

We have around 10,000 people in over 20 different countries whose devices are managed by Microsoft Intune.

There is no maintenance required for the solution.

I highly recommend Microsoft Intune to others.

Essentially, we use it to manage devices. We are looking at potentially moving away from VMware and bringing mobile devices and tablets into Intune along with desktops and laptops, which we currently manage, so that it serves as an all-in-one active asset list where we can look at the health of the entire technical estate. We can manage against threats. We can roll out apps, policies, et cetera. We can also manage logins, reset logins, et cetera, and it's an all-in-one, 24/7 solution.

Microsoft Intune has absolutely improved the way our organization functions. We're currently going through the AAD migration, so we are transitioning away from the old on-premise domain to Azure. The ability to take devices that were locally managed via AD but weren't managed via Intune is brilliant. We can see who last logged in, who it's managed by, which OS is there when it was last updated, etc. It gives us a micro overview of what's happening there.

Generally, we find it quite useful. We don't use it to the full extent. We've only got a P1 license, but generally, the application health and the ability to create and manage policies are valuable. We can split them very quickly into groups, multiple policies, etc. So, it's those core basics that we use, but they work very well.

It's very informative when there is an error. It allows us to backtrace where the error is and resolve that ourselves. It's a bit of a Swiss Army penknife. We find that it fixes most issues.

I'd like some more reporting so that I don't have to delve into PowerShell and I can pull more of the local device information such as memory, apps installed, etc. It would be nice to be able to see the apps that are present there but might not be managed. For example, if they installed 7Zip, it could report that back via an installed program or feature to see what was currently installed. Generally, it works, and nobody complains about it.

I've been using this solution for a couple of years.

Sometimes, they can take a little while to come back in showing that they are compliant. Typically, they may show us as not compliant even when we are. Typically, we find that it takes a couple of hours or a couple of days at worst for the machines to show as being compliant for them to settle down, but generally, it does what it says on the tin. We can set the policy, and we can put a machine or put a device into a group. That policy gets defined or pushed out, and it works. We can then move on to the next job. From my perspective, it works well, and that's why I'm just looking forward to using more Azure technologies moving forward.

It's deployed across multiple locations, departments, teams, and endpoints.

I haven't had any experience with them.

At the moment, we're using VMware AirWatch, which isn't my first choice purely because it's a super segmented platform. We are predominantly, about 95%, Microsoft. It feels a bit of an oversight not having a solution on a Microsoft platform where we've got full transparency and can make live changes. Currently, we have to go through our outsourced IT to make the changes and then we have to wait to see those changes rather than me or a colleague being able to make those changes in a live environment, so it would be my personal preference to get that moved over, which we're looking at. 

I wasn't a party to why they used AirWatch. I presume it was bundled in with the Microsoft service partner's offering originally. The IT team here is quite new. I've only been in the post for about a month, and my IT manager has only been in the post for about two months. We're just making sure that everything is easy to use and easy to manage, and it's cost-efficient for the charity moving forward.

Essentially, the way it was set up, it wasn't set up as a hybrid model. At the moment, we have got on-premises, and we have a cloud, but they're not joined. There is no passthrough, which is interesting. A lot of the on-premise has been copied over to the cloud. We are now taking the cloud to default, and the overall plan is to mothball the servers and reuse those as very high-powered desktops wherever possible. I just predominantly use the cloud.

I was not involved in its deployment, but in terms of maintenance, typically, our MSP makes the changes, but I've got GA rights to make anything that is critical. Generally, there are about 20 people at the Microsoft solution partner, and there are four of us on the IT team. There are less than 30 people in total.

I'm not sure. Certainly, it has been at least three years since the software has been rolled out, but it's not particularly well maintained by the solution partner. So, it's hard to measure the ROI. It does have merit, but in our particular sector, it's just overkill. We just need to make small and light changes whilst having effective security. We don't need corporate class, biometric/conditional access level security. Whilst we have multiple offices, they're very small. They're all under 20 users, and there's a lot of work from home. So, as long as we've got encryption, a form of AV, an anti-spam, and good account security, it certainly staves off a lot of the threats.

Personally, I feel that we haven't had the ROI purely because we're paying about £13,000 for under 300 users a year, which is a little bit top-sized. My personal feeling is to make a business case to switch to Microsoft Defender. Obviously, we've got P1 in our business premium licensing, so we've got a very basic protection at the moment that we don't use. We've got a large number of credits, and we could use those credits to switch over for a year to a higher project and see where we go from there.

Generally, it's not too bad. Obviously, a cheaper price would be great. Typically, we are in touch with the partner to provide non-profit discounts wherever possible. Generally, we get favorable discounts, so it's not too bad. Obviously, we're looking at decreasing those wherever we can to bring value back to the public purse because it's all charity based. It's all publicly funded.

Create a test group and create test policies, and then just test, test, and test before anything is rolled. It's the usual IT gambit. Test everything, and then just test it again before you roll it out.

I worked for a couple of MSPs before. I've seen it in very remote areas. I'm very impressed with it. Whilst it seems almost fashionable to criticize Microsoft, Intune is pretty much a well-laid-out product. It does what it says it's going to do. There is a lot of dependence on Microsoft products being pushed to it, and that's probably my only criticism. It would be good if Intune was a bit more open-source, but that would lead to more complications. It's a bit of a complicated beast, but generally, I like it.

I'd rate Microsoft Intune a nine out of ten. I'm happy with it.

The primary use case of Microsoft Intune is for patch management and app deployment.

Microsoft Intune is deployed in a hybrid environment and we use Atel cloud.

I can see that the patch management process is much improved with the bundled patch management option available in Microsoft Intune compared to the KPI deployment required by the other deployment solutions.

Deploying an app can be a complex process due to dependencies. For example, I have a package with three files that need to run, but one of them has a dependency on another one. This can be challenging to manage with the Intune app deployment and has room for improvement.

I have been using the solution for one month.

We have premium technical support from Microsoft.

We currently also use BigFix.

We have not yet implemented the solution but the app deployment is a bit complex.

When we add a device to the Azure domain, the activation process for Intune is simple and straightforward with no added complexity.

We partnered with Microsoft to help us implement the solution in our environment.

Intune is cost-effective as it is included in some of the Office 365 packages. GMF can be more expensive.

We evaluated Jamf Pro and will be rolling it out for Apple devices.

I give the solution a seven out of ten.

As of now, we deployed the solution onto 10,000 devices and when completed it will be 30,000 devices. The solution is used in multiple departments in multiple geographical locations.

Microsoft Intune is a Windows solution, and organizations can take advantage of its features. However, I would not recommend using iOS devices with Microsoft Intune as it is suited for Windows only.

We use the solution for auto-enrollment with app EPP and application deployment with EPP.

We're currently testing the possibility of using the solution as a new MDM tool for mobile applications.

All regions and departments operate on the same model; we turn on the device, select if it's personal or corporate, and all the products and profiles are loaded onto it.

The solution hasn't improved our organization yet, as we're still in the testing phase and have yet to go into full production.

The ability to switch between Affinity and non-Affinity enrollment is great. 

The wiping features are very good. 

The capacity to create more profiles and switch between corporate and personal devices are beneficial features.

One of the main advantages of Intune is that it's a Microsoft product, so it integrates with the other MS products we use.

The solution needs to be better for managing laptops; many functions are still unavailable in this regard.

The scalability could be improved, and like most other MDM products, Intune is good but not 100% there yet.

We've been using the solution for a couple of years. 

The stability is good, and there has been a lot of progress since I last used the solution.

The solution is working well for the most part, but some improvements could be made to the scalability. 

I never had to contact technical support. 

I previously used MobileIron UEM and VMware Workspace ONE.

I wasn't involved in the initial deployment. Now that it's set up, deployment to devices requires turning the phone on, and the device will automatically pull up the profile if the client is linked to our Apple Business Manager tool. We currently have one staff member involved with the maintenance, but we're looking into distributing it to others on the same team.  

The pricing for Intune and the competitor products are all within the same range, there is no true advantage when it comes to cost. 

I evaluated MobileIron and VMware. 

I rate the solution seven out of ten. 

We have yet to reach a level where we can notice flaws or identify areas for improvement since we're still checking and have yet to run the solution through a capability list.

My advice to others evaluating Intune is that it's the best solution for mobile devices like Androids and iPhones. However, if you're rolling out physical laptops, I recommend using a second tool, as there are still many unavailable options on the Intune app for laptops.  

The solution is deployed on cloud. I'm part of the support team. There's another server team that works closely with Microsoft. They purchased an old 365 license, and Intune was one of the included features. We wanted to take advantage of the feature because it was part of the package. That's why our top management decided to save some costs by making use of Intune and not using AirWatch anymore.

We are enrolling through the Intune company portal, and then we are using the Outlook app to configure the email addresses of the company.

We are using the mobile feature, and we are also using MDM to lock the devices, to push restrictions, et cetera. Compared with AirWatch, I think it's easier to manage the devices and the profiles in AirWatch. Intune has a lot of options, but I've only been playing around with it for a few months.

In the past, I raised some tickets for the enhancement feature, which was missing in Intune. It can take a long time for these features to appear, or maybe they will just never happen.

There are certain things that I'm trying to replicate from AirWatch, and it's not possible.

In AirWatch, we have a launcher, which is like a container. You can choose single-app mode or multi-app mode. But in Intune, for example, you need to factory reset the device and then apply the MDM. If we choose multi-app mode, which is the kiosk multi-app mode in Intune, I cannot lock the application on the screen. For example, in the set mode, you have the option to set the leave Kiosk password. You can exit the kiosk. But if you choose Intune multi-app mode, you don't have this leave kiosk option. For us, it's very useful.

If you have this leave kiosk option in the multi-app, you should also have it in the single-app mode. We need this because we have an application that you run on a tablet in hotel rooms, and we want to lock the application in a single-app mode, but besides the application, we also need to have some background applications running, like we need to do some configurations in Knox from Samsung, and eFolder. 

We have three applications that we need to push, but the guests will only be able to see one. Because I don't have the option to leave the kiosk in the single-app mode, I cannot do any configuration in the background apps. We have one app we cannot migrate to Intune from AirWatch because of this issue. This applies to more than 2,000 devices.

I think we need the leave Kiosk option available for the Kiosk single-app mode, because we are stuck with at least 2,000 devices or more because we want to completely retire AirWatch, but we cannot until this feature is available. The applications that we are using in our hotel rooms are not compatible with Intune. My bosses are not really satisfied because we still have expenses with purchasing a license with AirWatch because Intune cannot really fulfill our requirements.

This option is already available in the multi-app mode. It should not be a new feature. This feature already exists. They just need to apply the single-app mode the same way they're applying the multi-app mode.

Compared with AirWatch, Intune is not very stable because I haven't had to deal with these issues. With AirWatch, I would try to fix something and I would need to fine tune the settings, et cetera. But once I fine-tune and push everything, it will run and be stable. With Intune, we are new with this product, but it took some time for me to create a profile and test the devices. It has been working for a few months, but then suddenly this weird issue happened. It affected all devices at once.

In the Outlook application, the scalability is good so far. But there are some differences between on-premises mailbox users and cloud users. For example, let's say I'm my boss's assistant and I'm able to view my boss's calendar on my Outlook desktop. Let's say I want to view a shared calendar on my Outlook app. For the cloud-use mailbox, I'm able to do this, but if I'm an on-premises mailbox user, this option is not available. Usually the cloud mailbox users have more options than on-premise users.

We have around 2,000 users enrolled in Intune so far, not counting the MDM device. That includes just email, the one that I have enrolled in the Outlook email app.

Our plan is to keep the solution because our primary solution for email mobile is now Intune because we are retiring AirWatch. We have already retired the email for AirWatch, and we are just using AirWatch for MDM devices. Of course, the plan is to keep increasing usage. If more users request email on their mobile, we are going to offer Intune.

Technical support is very responsive and helpful. There's another issue that I raised related to Adobe Acrobat. I'm not sure if it's a region issue, but I'm in Macau, and we also have some users in Manila, Hong Kong, and Cyprus. All of us are using the same profile. I make the Adobe Reader application available on the manage app store, but somehow the users in Macau, when they go to the manage play store, are not able to see Adobe Reader on the list. It's only happening in Macau.

I raised this issue. Support dragged the issue on for two months. Support said, "Because all the applications go through the Play store, maybe you need to reach out to Google." The issue was not really resolved because the issue might not be related to Microsoft but Google, et cetera. I just gave up.

Compared to AirWatch, I can upload APKs or I can just redirect the Play store link to push the apps. But in Intune for example, I'm forced to upload all the applications through the managed app store. To make it available is a different process, basically. There are some things that don't really stretch forward. 

If I upload a custom APK in the manage Play store and then I want to remove it, I cannot remove it myself. I need to send an email to Google and ask them to remove it. Then they will ask me to unpublish the app for 24 hours first. These are very simple things that I should be able to control myself, and it wastes a lot of time.

I think if you have the money and want something more stable, you should go for AirWatch. I don't think Microsoft is offering the same stability as VMware at this point. On other hand, I think the support from Microsoft is better, particularly the support in Asia. In VMware, all the support is from India, and sometimes I have a hard time with them.

Now that I'm starting to be familiar with the profiles, it's starting to get easier. A few weeks ago, there was a very odd issue that happened also related to MDM devices where we were using the manage home screen application to lock down the apps that we wanted to allow only the users to use, like the kiosk application.

We have configured the profile and have deployed to 200 or 300 devices. Some of our users called and said suddenly all the mobile devices were flashing. I don't know what happened, but it happened at the same time. The workaround that I had to do was to remove the manage home screen from the profile. Then all of the devices were kicked out and went back to the home screen of the devices. That was the only way they could resume the mobile devices. I don't know what happened, but something was wrong with the manage home screen app on that day because a few days after, I pushed back and everything resumed.

We have ROI because we are retiring AirWatch, so we're spending less and making the most of the free stuff.

The licensing is on a yearly basis.

I would rate this solution 7 out of 10.