We performed a comparison between Microsoft Configuration Manager and Microsoft Intune based on real PeerSpot user reviews.Find out in this report how the two Configuration Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The ease of usability is the most valuable feature. It's user-friendly."
"It is a very well-rounded product. It is a complete package with all the features using which we are able to manage our PCs very efficiently."
"The most valuable feature of Microsoft Endpoint Configuration Manager is it's incredibly simple to configure and execute changes in bulk, allowing for seamless deployment. With this solution, you can easily track the status of all modifications and send them with ease, making it a comprehensive and efficient solution for any necessary adjustments."
"The most valuable feature of this solution is its ability to deploy patches to nearly all applications."
"Endpoint Manager is valuable to our organization because it allows us to connect to our enterprise from remote locations securely. The most useful feature is its robustness and scalability. It is highly scalable and flexible, allowing us to use it in various environments. Additionally, we can specialize the policies related to each device group. This ensures that each group has access to the applications they need for their work and non-work hours."
"The most valuable feature of SCCM is the application distribution."
"I like the data collection."
"The most valuable feature of Microsoft Endpoint Configuration Manager is the software deployment. Additionally, Microsoft integrates most of the other solutions well with one another."
"With on-premises Active Directory, the main challenge was that we had no control when a user was working from home. We didn't know what exactly a user was doing and whether the AV was up to date or not. Intune provides better control of their machines."
"The ability to send configurations to our systems is valuable, particularly as we don't have a regular Windows AD server. Our current environment doesn't have a Windows AD, which limits our ability to push GPOs. However, this is where the solution can step in and help us push policies."
"At the moment, Autopilot is the most valuable feature."
"It's easy to manage."
"It's very informative when there is an error. It allows us to backtrace where the error is and resolve that ourselves. It's a bit of a Swiss Army penknife. We find that it fixes most issues."
"There is a single pane of glass for user access and a single sign-on facility for the user. If you have already logged in to Microsoft Azure or on-premises, you can redirect directly to Microsoft Endpoint Manager, monitor all your security threats, and analyze the data associated with the application in a single, unified way."
"The main advantage is that Intune performs its intended functions effectively."
"Intune enables us to manage our devices from anywhere."
"Regarding this, I'd like to mention the agent situation. When the agent on an end-user device is not functioning correctly, it can be quite problematic. It would be highly beneficial if there were a self-healing mechanism in place. Essentially, if the agent becomes corrupted or encounters issues, it should be able to rectify itself autonomously. This is particularly critical because, in order to utilize a tool like MECM (assuming you're referring to Microsoft System Center Configuration Manager), we need to deploy agents, known as AsMs, on all the devices we use, such as Windows 10 or Windows Server. Sometimes, when we deploy configurations or updates, they don't apply properly due to agent issues. This issue has been present since we began using MECM around 23 years ago. Unfortunately, there is currently no built-in mechanism for the agent to detect its own problems and initiate self-repair. Microsoft doesn’t have any feature to scan vulnerabilities and hence, they could include those."
"The solution can be improved with the addition of a mobile device manager."
"SCCM can improve on third-party application support."
"Management of Linux devices could be improved."
"The time the solution takes for updating systems could be quicker. For example, the system information status is not updating as it should. Additionally, the database synchronization querying is slow and could be improved."
"In terms of the monitoring, the timeframe it takes to actually report back on the compliance of a device after it has been patched is a bit too long."
"It would be better if automation options were available. For example, in Nexthink or SysTrack, there is an analytical tool. Creating dashboards would be very easy if you implement the same thing in Microsoft. That report will be a daily cost to the customers and good revenue for our organization. The price also could be better. In the next release, we need to include some features like tables, dashboards, surveys, services, and metrics in the dashboard. Whatever we are implementing will be downloaded by a report. Apart from the report, we will telecast from the dashboard. It's very easy to compare, and it will be easy to telecast to the end-users."
"The availability of technical support could improve."
"The solution can have some compliance problems in general and the end-point user can bypass easily the company policies in Intune."
"Intune's third-party patch management could be better. It should be easier for the average system admin to keep non-Microsoft applications updated."
"There are some issues using the solution with macOS and iOS, and it offers limited granular control with them. Intune works better on Windows and Android."
"In terms of what can be improved, I am looking for better enhancements regarding Apple management, not only on the mobile device, but also on the laptop."
"The pricing can be expensive if you are not combining it with other products."
"It would help if administrators could pinpoint the exact location of a stolen device to help law enforcement retrieve it and apprehend the suspect."
"An issue we have run into with Microsoft Endpoint Manager is that we cannot patch third-party products like Adobe and Chrome with it."
"Reporting in Microsoft solutions is pathetic. With Intune, I'm getting a free inventory tool, but I don't get a reporting tool. When I go to Intune, I can see one machine's entire data in terms of the hardware and the software running on it, but I cannot generate a report for all the machines in the organization. The reporting is the only feature holding back the functionality that is already there."
Microsoft Configuration Manager helps IT manage PCs and servers, keeping software up-to-date, setting configuration and security policies, and monitoring system status while giving employees access to corporate applications on the devices that they choose. When Configuration Manager is integrated with Microsoft Intune, you can manage corporate-connected PCs and Macs along with cloud-based mobile devices running Windows, iOS, and Android, all from a single management console.
New features of Configuration Manager, such as the support of Windows 10 in-place upgrade, co-management with Microsoft Intune, Windows 10 and Microsoft 365 Apps for enterprise Servicing Dashboard, integration with Windows Update for Business, and more make deploying and managing Windows easier than ever before.
Microsoft Intune is a comprehensive cloud-based service that allows you to remotely manage mobile devices and mobile applications without worrying about the security of your organization’s data. Device and app management can be used on company-owned devices as well as personal devices.
In an increasingly mobile workforce, Microsoft Intune keeps your sensitive data safe while on the move. Microsoft Intune makes it possible for your team members to work anywhere using their mobile devices. Microsoft Intune provides both the flexibility and the control needed for securing all your data on the cloud, no matter where the device with the data is located.
Microsoft Intune Device Management Key Features
With Microsoft Intune Device Management you can:
Mobile Application Management
Mobile application management in Intune is designed to protect your organization’s data at the application level.
With Microsoft Intune Application Management you can:
As part of Microsoft's Enterprise Mobility + Security (EMS) suite, Intune integrates with Microsoft Entra ID for access control and with Azure Information Protection for data protection. It also integrates with Microsoft 365 Applications.
Reviews from Real Users
Microsoft Intune stands out among its competitors for a number of reasons. Two major ones are its ability to secure all devices under its management and the flexibility that the solution offers its users.
A computing services manager notes, "Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly."
The head of IT engineering at a financial services company writes, "The one feature we find most useful is the Mobile Application Manager. There are two types: we have the complete MDM and the Mobile Application Manager (MAM). We don't give our users phones, it is their own personal phone, and we need to allow them to have access to the company details on their phone. We need to create a balance between their own personal data and the company data. We deploy the Mobile Application Manager for them so that we won't be able to interfere with their own personal data."
Microsoft Configuration Manager is ranked 2nd in Configuration Management with 28 reviews while Microsoft Intune is ranked 4th in Configuration Management with 72 reviews. Microsoft Configuration Manager is rated 8.4, while Microsoft Intune is rated 8.4. The top reviewer of Microsoft Configuration Manager writes "Lets us remotely deploy and manage thousands of devices over the network". On the other hand, the top reviewer of Microsoft Intune writes "Enables you to use MDM to lock devices and push restrictions, but isn't as stable as other solutions". Microsoft Configuration Manager is most compared with Red Hat Ansible Automation Platform, ManageEngine Endpoint Central, BigFix, Tanium and AWS Systems Manager, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, SOTI MobiControl and Ivanti Neurons for MDM. See our Microsoft Configuration Manager vs. Microsoft Intune report.
See our list of best Configuration Management vendors.
We monitor all Configuration Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.