- Azure Sentinel—A real-world example - Tue, Oct 12 2021
- Deploying Windows Hello for Business - Wed, Aug 4 2021
- Azure Purview: Data governance for on-premises, multicloud, and SaaS data - Wed, Feb 17 2021
When we looked at Windows Intune back in June 2011 it had just been released in March 2011 and that first version lacked some features. Microsoft followed up with a second version in October 2011 and then again with version 3 in June 2012.
Compared to on-premises products there’s certainly a quicker pacing in the updates to this “cloud only” management solution. There has also been some confusion around the integration between the incumbent solution – System Center Configuration Manager (SCCM) and Intune as in some ways they do the same thing, something that’s going to be addressed in the forthcoming Service Pack 1 for System Center.
Note that Microsoft doesn’t attach version numbers to Intune (or any other cloud service), it’s simply the “new version” or the “June 2012 release” but for simplicity’s sake when discussing features I’ll refer to each version as 1, 2 or 3.
In this series of four posts we’ll look at what’s new in Intune, where it fits for both small and large businesses and what’s still missing, along with how the integration with SCCM is going to happen.
In our review of version 1 we found that the product lacked software distribution support, remote performance monitoring, remote control and actions, I’m happy to say that this version addresses all these issues, along with other improvements.
The first pane of the Windows Intune admin console give an overview of alerts and system status, along with links to more details on computers and mobile devices.
Introduction to Intune
For those new to Windows Intune it’s a cloud service, provided by Microsoft and sold through partners worldwide, that manages client computers and now mobile devices. Each PC has an agent installed and this agent reports hardware statistics and software installed back up to the service as soon as a machine has an internet connection.
Downloading and installing the agent is simple if you’ve only got a few to deal with, for larger implementations it’s easy to distribute the agent using SCCM or Group Policy Software distribution.
Intune comes with an antimalware application (Endpoint Protection) that also reports back up to the service so an administrator can see if machines are infected. Intune manages updating Windows with patches (replacing WSUS or Microsoft Update) and administrators can upload software applications to the service which can then be automatically installed on select machines or alternatively be offered to users so they can choose to install if they need it.
Intune can also track your volume licensing agreements, as well as third party licensing to demonstrate compliance. Policies for mobile devices, Windows Firewall and the Intune Agent / Center can be scoped to groups off users or machines / devices and then be pushed out from the service. If there’s a domain joined machine that’s receiving both Group Policy and Intune policies, and settings conflict, Group Policy settings prevail. Reports can be generated for update status, software installed, hardware and licensing compliance. Windows Intune also comes with upgrade rights to the latest version of Windows Enterprise.
The information that’s gathered for hardware and software inventory is comprehensive.
In part two of this four part series we’ll look at the new mobile device support in Windows Intune 3.
Two corrections.
Microsoft actually does have a versioning scheme for Intune (and all of it’s cloud products): they are called “Waves”. The current iteration is Wave C with the follow on Wave D due early next year.
Intune does not have to be purchased from a partner. Like all of Microsoft’s cloud services, you can purchase directly from Microsoft.
Hi Jason,
Thanks for your feedback. You’re right as far as the “wave names” are going, but this is really just during the development / preview phase. When the upgrade is released and completed there is no “version” information, you can’t say “we’re running Intune 3 and you’re running Intune 2” (although tenants are upgraded on a rolling basis).
As for the purchasing options, you’re also correct, except here in Australia. For some reason this is the only country in the world where Microsoft can’t handle their own billing and have to rely on Telstra (the largest telecommunications company in OZ). So here you do have to buy directly from Telstra or through a partner.