Microsoft Intune OverviewUNIXBusinessApplication

Microsoft Intune is the #1 ranked solution in top Configuration Management tools and top Enterprise Mobility Management (EMM) tools. PeerSpot users give Microsoft Intune an average rating of 8.0 out of 10. Microsoft Intune is most commonly compared to VMware Workspace ONE: Microsoft Intune vs VMware Workspace ONE. Microsoft Intune is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 19% of all views.
Microsoft Intune Buyer's Guide

Download the Microsoft Intune Buyer's Guide including reviews and more. Updated: November 2022

What is Microsoft Intune?

Microsoft Intune is a comprehensive cloud-based service that allows you to remotely manage mobile devices and mobile applications without worrying about the security of your organization’s data. Device and app management can be used on company-owned devices as well as personal devices.

In an increasingly mobile workforce, Microsoft Intune keeps your sensitive data safe while on the move. Microsoft Intune makes it possible for your team members to work anywhere using their mobile devices. Microsoft Intune provides both the flexibility and the control needed for securing all your data on the cloud, no matter where the device with the data is located.

Microsoft Intune Device Management Key Features

With Microsoft Intune Device Management you can:

  • Ensure devices and apps are compliant with your security requirements.
  • Rapidly deploy and authenticate apps on all company devices.
  • Remotely access devices to troubleshoot issues or to remove data from them.
  • Generate reports for all devices in the system.
  • Monitor the way users access and share information to protect company information.
  • Set rules and configure settings on personal and organization-owned devices to access data and networks.
  • Create user groups and device groups, allowing you to rapidly access many users and devices simultaneously.

Mobile Application Management

Mobile application management in Intune is designed to protect your organization’s data at the application level.

With Microsoft Intune Application Management you can:

  • Configure apps to run with specific settings enabled.
  • Update existing apps that are already on the device.
  • See reports on which apps are used and monitor their usage.
  • Selectively wipe organization data from apps.
  • Add mobile apps to user groups and devices.

As part of Microsoft's Enterprise Mobility + Security (EMS) suite, Intune integrates with Azure Active Directory (Azure AD) for access control and with Azure Information Protection for data protection. It also integrates with Microsoft 365 Applications.

Reviews from Real Users

Microsoft Intune stands out among its competitors for a number of reasons. Two major ones are its ability to secure all devices under its management and the flexibility that the solution offers its users.

A computing services manager notes, "Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly."

The head of IT engineering at a financial services company writes, "The one feature we find most useful is the Mobile Application Manager. There are two types: we have the complete MDM and the Mobile Application Manager (MAM). We don't give our users phones, it is their own personal phone, and we need to allow them to have access to the company details on their phone. We need to create a balance between their own personal data and the company data. We deploy the Mobile Application Manager for them so that we won't be able to interfere with their own personal data."

Microsoft Intune was previously known as Intune, MS Intune, Microsoft Endpoint Manager.

Microsoft Intune Customers

Mitchells and Buzzers, Callaway

Microsoft Intune Video

Microsoft Intune Pricing Advice

What users are saying about Microsoft Intune pricing:
  • "The licensing is on a yearly basis."
  • "The pricing of Endpoint Manager is fine. The licensing is not that complex, but small and midsized organizations might have challenges with the pricing plans. There are a lot of categories—E2, E3, E5—to choose from."
  • "It is not a cheap solution. The price for a device when you start using it at a large scale can be improved. It is covered under our enterprise agreement. We pay once a year. I am not aware of any additional costs."
  • "Licensing depends on how you are providing support to your enterprise, whether it's device-based or user-based."
  • Microsoft Intune Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Assistant Manager at Melco Resorts & Entertainment
    Real User
    Enables you to use MDM to lock devices and push restrictions, but isn't as stable as other solutions
    Pros and Cons
    • "We are using the mobile feature, and we are also using MDM to lock the devices, to push restrictions, et cetera"
    • "In the past, I raised some tickets for the enhancement feature, which was missing in Intune."

    What is our primary use case?

    The solution is deployed on cloud. I'm part of the support team. There's another server team that works closely with Microsoft. They purchased an old 365 license, and Intune was one of the included features. We wanted to take advantage of the feature because it was part of the package. That's why our top management decided to save some costs by making use of Intune and not using AirWatch anymore.

    We are enrolling through the Intune company portal, and then we are using the Outlook app to configure the email addresses of the company.

    What is most valuable?

    We are using the mobile feature, and we are also using MDM to lock the devices, to push restrictions, et cetera. Compared with AirWatch, I think it's easier to manage the devices and the profiles in AirWatch. Intune has a lot of options, but I've only been playing around with it for a few months.

    What needs improvement?

    In the past, I raised some tickets for the enhancement feature, which was missing in Intune. It can take a long time for these features to appear, or maybe they will just never happen.

    There are certain things that I'm trying to replicate from AirWatch, and it's not possible.

    In AirWatch, we have a launcher, which is like a container. You can choose single-app mode or multi-app mode. But in Intune, for example, you need to factory reset the device and then apply the MDM. If we choose multi-app mode, which is the kiosk multi-app mode in Intune, I cannot lock the application on the screen. For example, in the set mode, you have the option to set the leave Kiosk password. You can exit the kiosk. But if you choose Intune multi-app mode, you don't have this leave kiosk option. For us, it's very useful.

    If you have this leave kiosk option in the multi-app, you should also have it in the single-app mode. We need this because we have an application that you run on a tablet in hotel rooms, and we want to lock the application in a single-app mode, but besides the application, we also need to have some background applications running, like we need to do some configurations in Knox from Samsung, and eFolder. 

    We have three applications that we need to push, but the guests will only be able to see one. Because I don't have the option to leave the kiosk in the single-app mode, I cannot do any configuration in the background apps. We have one app we cannot migrate to Intune from AirWatch because of this issue. This applies to more than 2,000 devices.

    I think we need the leave Kiosk option available for the Kiosk single-app mode, because we are stuck with at least 2,000 devices or more because we want to completely retire AirWatch, but we cannot until this feature is available. The applications that we are using in our hotel rooms are not compatible with Intune. My bosses are not really satisfied because we still have expenses with purchasing a license with AirWatch because Intune cannot really fulfill our requirements.

    This option is already available in the multi-app mode. It should not be a new feature. This feature already exists. They just need to apply the single-app mode the same way they're applying the multi-app mode.

    What do I think about the stability of the solution?

    Compared with AirWatch, Intune is not very stable because I haven't had to deal with these issues. With AirWatch, I would try to fix something and I would need to fine tune the settings, et cetera. But once I fine-tune and push everything, it will run and be stable. With Intune, we are new with this product, but it took some time for me to create a profile and test the devices. It has been working for a few months, but then suddenly this weird issue happened. It affected all devices at once.

    Buyer's Guide
    Microsoft Intune
    November 2022
    Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
    653,522 professionals have used our research since 2012.

    What do I think about the scalability of the solution?

    In the Outlook application, the scalability is good so far. But there are some differences between on-premises mailbox users and cloud users. For example, let's say I'm my boss's assistant and I'm able to view my boss's calendar on my Outlook desktop. Let's say I want to view a shared calendar on my Outlook app. For the cloud-use mailbox, I'm able to do this, but if I'm an on-premises mailbox user, this option is not available. Usually the cloud mailbox users have more options than on-premise users.

    We have around 2,000 users enrolled in Intune so far, not counting the MDM device. That includes just email, the one that I have enrolled in the Outlook email app.

    Our plan is to keep the solution because our primary solution for email mobile is now Intune because we are retiring AirWatch. We have already retired the email for AirWatch, and we are just using AirWatch for MDM devices. Of course, the plan is to keep increasing usage. If more users request email on their mobile, we are going to offer Intune.

    How are customer service and support?

    Technical support is very responsive and helpful. There's another issue that I raised related to Adobe Acrobat. I'm not sure if it's a region issue, but I'm in Macau, and we also have some users in Manila, Hong Kong, and Cyprus. All of us are using the same profile. I make the Adobe Reader application available on the manage app store, but somehow the users in Macau, when they go to the manage play store, are not able to see Adobe Reader on the list. It's only happening in Macau.

    I raised this issue. Support dragged the issue on for two months. Support said, "Because all the applications go through the Play store, maybe you need to reach out to Google." The issue was not really resolved because the issue might not be related to Microsoft but Google, et cetera. I just gave up.

    Compared to AirWatch, I can upload APKs or I can just redirect the Play store link to push the apps. But in Intune for example, I'm forced to upload all the applications through the managed app store. To make it available is a different process, basically. There are some things that don't really stretch forward. 

    If I upload a custom APK in the manage Play store and then I want to remove it, I cannot remove it myself. I need to send an email to Google and ask them to remove it. Then they will ask me to unpublish the app for 24 hours first. These are very simple things that I should be able to control myself, and it wastes a lot of time.

    Which solution did I use previously and why did I switch?

    I think if you have the money and want something more stable, you should go for AirWatch. I don't think Microsoft is offering the same stability as VMware at this point. On other hand, I think the support from Microsoft is better, particularly the support in Asia. In VMware, all the support is from India, and sometimes I have a hard time with them.

    How was the initial setup?

    Now that I'm starting to be familiar with the profiles, it's starting to get easier. A few weeks ago, there was a very odd issue that happened also related to MDM devices where we were using the manage home screen application to lock down the apps that we wanted to allow only the users to use, like the kiosk application.

    We have configured the profile and have deployed to 200 or 300 devices. Some of our users called and said suddenly all the mobile devices were flashing. I don't know what happened, but it happened at the same time. The workaround that I had to do was to remove the manage home screen from the profile. Then all of the devices were kicked out and went back to the home screen of the devices. That was the only way they could resume the mobile devices. I don't know what happened, but something was wrong with the manage home screen app on that day because a few days after, I pushed back and everything resumed.

    What was our ROI?

    We have ROI because we are retiring AirWatch, so we're spending less and making the most of the free stuff.

    What's my experience with pricing, setup cost, and licensing?

    The licensing is on a yearly basis.

    What other advice do I have?

    I would rate this solution 7 out of 10.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Prateek Agarwal - PeerSpot reviewer
    Manager at NISG
    Real User
    Top 5Leaderboard
    Provides high visibility into security threats, enabling analysis before they attack our applications and user data
    Pros and Cons
    • "There is a single pane of glass for user access and a single sign-on facility for the user. If you have already logged in to Microsoft Azure or on-premises, you can redirect directly to Microsoft Endpoint Manager, monitor all your security threats, and analyze the data associated with the application in a single, unified way."
    • "The mobile and tablet-based versions need improvement because they are not completely user-friendly, compared to the web version. Also, data synchronization with our existing asset manager, the synchronization between multiple assets and multiple devices, takes a lot of time due to the security scanning. It should be reduced."

    What is our primary use case?

    We use it for general safety and security for all our data and applications.

    Because we are using Microsoft Office 365 on the cloud, it is very critical for us to protect our user data. We have shared files in OneDrive, Microsoft Excel, PowerPoint, and Word. We also have geographically diverse locations across Asia-Pacific, Europe, and America. Microsoft Endpoint Manager protects us from all kinds of security vulnerabilities and threats to our data.

    We have it deployed in specific departments and divisions within our organization, including product engineering and DevOps.

    How has it helped my organization?

    It protects our devices well against outside threats including phishing attacks, spam, and other third-party attackers. It provides us with a very high level of visibility into security threats so that they can be analyzed properly before they attack our applications and user data.

    We have more than 1,000 users who access certain applications. We do not want to give all the users access to specific data. Permission Access gives us flexibility and reduces the human effort and time involved in giving permissions to users and groups. They can share or exchange information accordingly. We do not worry about what they are sharing or about the folders and data they can access because we have already set their permissions.

    If you look at the data loss that has happened in the past, obviously Endpoint Manager is saving us money. In addition, it saves human effort on manual work, as well as time, and there has been an overall performance improvement. It's obviously enhancing the user experience.

    What is most valuable?

    I like

    • all the security features it has
    • the graphical user interface, which is very smooth. 
    • the fact that it is very easy to understand
    • the integration with other applications.

    There is a single pane of glass for user access and a single sign-on facility for the user. If you have already logged in to Microsoft Azure or on-premises, you can redirect directly to Microsoft Endpoint Manager, monitor all your security threats, and analyze the data associated with the application in a single, unified way.

    You can adjust your security policies and any other rules with the solution and apply them to specific groups or specific users. Overall, it is a highly customizable and easily manageable solution.

    Integration with Microsoft applications like Microsoft Office, Microsoft Dynamics, and 365, is very smooth. As far as MS applications go, it is a very good solution to work with. Microsoft Endpoint Manager is a solution for every organization that is using Microsoft applications or Azure, whether on-premises or in the cloud. It is a well-suited application for those environments.

    We are also using Conditional Access along with the rule-based features. We apply them to specific users in a group so that they can't access particular user data, such as column-based or tab-based data. It can be hidden from those specific users in the groups. Conditional Access can be used to allow or block access to on-premises data based on policies. When we use Conditional Access, it is typically a combination of device compliance policies so that only the compliant devices can access or exchange data between the sources and destinations.

    Permission Management is a part of Conditional Access. It is very transparent and very easy to use. Within a few clicks, you can easily configure which devices you want to permit and which devices you want to deny, whether it is for Amazon S3 or Google cloud. Because we are using Microsoft Azure, we are typically working with Microsoft SQL Server, Microsoft Office 365, Dynamics, et cetera. But it works well with all applications. That is helpful because we do not want compatibility issues.

    For example, if there is a compliance policy in the organization, you can allow specific mobile devices into an application so that only a specific group of users can access it. The rest of the users can't access it as there might be confidential data there. You can implement that with Conditional Access policies.

    What needs improvement?

    For non-Microsoft applications, integration requires some advanced levels of configuration for IP addresses, among other things. It might be somewhat complex when it comes to third-party applications.

    The mobile and tablet-based versions need improvement because they are not completely user-friendly, compared to the web version.

    Also, data synchronization with our existing asset manager, the synchronization between multiple assets and multiple devices, takes a lot of time due to the security scanning. It should be reduced.

    For how long have I used the solution?

    I've been using it for almost two years.

    What do I think about the stability of the solution?

    Because it is reliable, that is the reason that it can be adopted. If it weren't reliable and secure, itself, how could it secure our applications? It is highly reliable and secure.

    What do I think about the scalability of the solution?

    Endpoint Manager is highly scalable. It can scale per your requirements.

    How are customer service and support?

    The customer support services are very good, but not perfect.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We migrated to Azure and our requirements changed. We have found Endpoint Manager to be suitable because of the compatibility and overall performance issues.

    We faced so many issues, three to four years back, when we were using VMware and Cisco-based cloud security solutions. There were threats detected and but some valuable financial transaction information was lost. It was very painful. After analyzing our requirements, we are now using multiple security solutions because we have multiple applications. Every application has its requirements in terms of data storage and security. We are using not only Microsoft Endpoint Manager, but a solution for DDoS, as well as Microsoft Sentinel. They are top-level security solutions provided by Microsoft, so that we can secure our email, data, and overall user information.

    How was the initial setup?

    The implementation of every Microsoft solution is very easy, if you are already using Microsoft solutions. There are no issues with that.

    In terms of maintenance, the services are fully managed by Microsoft, including all the upgrades, updates, and security patches, without any customer involvement.

    What about the implementation team?

    Microsoft helped us with the implementation, through their support and consulting teams. And the solution architect team is very helpful.

    What was our ROI?

    Every security solution has a return on investment. We adopt security solutions just to protect our user information, which is very valuable for any organization.

    We see return on investment in terms of performance meeting our expectations, but given the pricing, some organizations may require some additional budget for it.

    What's my experience with pricing, setup cost, and licensing?

    The pricing of Endpoint Manager is fine. The licensing is not that complex, but small and midsized organizations might have challenges with the pricing plans. There are a lot of categories—E2, E3, E5—to choose from. 

    The minimum starts at $2 to $3 per user, per month and it goes up to $14 to $15 per month. It depends on your requirements.

    Which other solutions did I evaluate?

    We used Okta but Microsoft Authenticator replaced it. Both are good, but Okta is much higher in price compared to Endpoint Manager. Also, Okta is a third-party application for Azure, while Endpoint Manager is core, proprietary software by Microsoft. With Okta, the compatibility issue is always there. 

    Also, Okta requires a lot of authentication processes, rules, and policies. Microsoft Endpoint Manager doesn't need them because it already includes overall security policies, and the rules apply to them.

    What other advice do I have?

    There are multiple Microsoft security solutions for securing your applications, data, emails, et cetera. If you have any particular requirements that are compatible with the Microsoft Endpoint Manager, then go ahead with it. If you are already using Microsoft products, then Microsoft Endpoint Manager is a perfect choice. I highly recommend it.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Microsoft Intune
    November 2022
    Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
    653,522 professionals have used our research since 2012.
    President/CEO at a tech services company with 1-10 employees
    Real User
    Easy to manage with excellent reporting and a good UI
    Pros and Cons
    • "It's easy to manage."
    • "From a new user's perspective, it may be a little overwhelming because there are quite a few things to look at in the console, however, once you are sort of acclimated and are familiar with your core functions, it's fairly simple and straightforward."

    What is our primary use case?

    Generally, the top three uses are operating system deployments, software updates and patching, and software deployments to endpoints.

    How has it helped my organization?

    If you're a small shop, a two-person organization, yet you have many endpoints, five to 10,000, you can easily manage them. You can manage the masses with one person part-time and it's a good automation tool that takes away the need for multiple folks to do a lot of things in the environment like software deployments or patch management. It's very good at automating those functions.

    What is most valuable?

    The reporting aspect is very nice. It's got about 450 canned reports in it. They're easily customizable. You can get really good granular reports for inventory, patch management, status, and everything. It's very good at reporting.

    It's not hard to set up. It's easy to manage.

    Third-party patching and other solutions integrate with Endpoint Manager. From that perspective, there's no deficiency. 

    The UI is good. You can filter things out so that you'll only see things that are pertinent to your function. 

    What needs improvement?

    It's really matured and improved over the years by assimilating competing products. There are a lot of things that used to be better than Endpoint Manager or not available in Endpoint Manager that were absorbed or purchased and placed into this product. From a deficiency perspective, I can't recall coming across anything substantial. I'm trying to think of a weakness. I compared it to Ivanti. From a new user's perspective, it may be a little overwhelming because there are quite a few things to look at in the console, however, once you are sort of acclimated and are familiar with your core functions, it's fairly simple and straightforward.

    You can modernize the UI a little bit, however, change for a sake of change isn't always a good thing.

    For how long have I used the solution?

    I've been using the solution for 25 years. It used to be called SCCM.

    What do I think about the stability of the solution?

    The solution is very stable.

    What do I think about the scalability of the solution?

    The scalability is great.

    The largest user base I've ever supported, for example, was a headquarters and they had 220,000 endpoints. In contrast, small colleges and educations may only have 500 users, so they can get by with a single server hosting everything. SQL and everything can be one server.

    For us, the solution is extensively used.

    How are customer service and support?

    If you're looking forward to deficiency, I'd say that the Endpoint Manager support at the lower levels is poor. As you go higher and you get like a more engineering level, then you're fine, however, the early stages of support are not the best.

    Which solution did I use previously and why did I switch?

    I've worked with Ivanti and LANdesk and other tools.

    I've used Endpoint Manager every day. I'm currently using it. I've been using it for 25 years. However, there are other ones like BigFix, which I've rarely used. I've used LANdesk a few times. And people would try to use LANdesk to avoid the expensive Endpoint Manager, however, at the end of the day, it costs them more in time to use the LANdesk solution. Ivanti is a competitor, however, they're cobbled together with Shavlik, for patch management they've got Altiris. They bought Altiris and Altiris has been passed around like a cheap hoe from Symantec to Intel, to everybody.

    Altiris was actually developed to support Endpoint Manager and provide asset management. At the time, Endpoint Manager didn't have good asset management, so they actually worked with Altiris, only to find out that Altiris was actively taking Microsoft customers. Microsoft booted them to the curb and they haven't done well since. That was back probably in the late nineties that they did that. Endpoint Manager has been around the longest, it's survived, it's matured and it's the top dog in general.

    How was the initial setup?

    Complexity-wise, it's not hard to set up. It's just a lot of small steps, such as making sure the firewall ports are open and certain things are in place, and all the perquisites are taken care of, as the wizard, the installation wizard for Endpoint Manager, is pretty straightforward. As long as you have SQL and some other features turned on to support the different functions of Endpoint Manager, you're fine. You'll need WSS or you'll need WSS for patching and you'll need SQL reporting services for the reporting portion of it. All those small things. The more lights you turn on, the more configuration you have to do.

    The deployment itself took me four hours end to end, to put all the prerequisites in, however, understanding, of course, may take a while for someone new. I've done this now for over 25 years. For me, it's pretty straightforward and I have, a lot of these things PowerShell scripted so it works very well. You can create a PowerShell script and set the whole thing up from Powershell, which is what I've done.

    Maintenance requirements are low. Since it lives on SQL, if you put a SQL maintenance plan in place, it's pretty much, it's very healthy, it's very stable.

    What was our ROI?

    We've seen an ROI. It enables you to pair down the resources necessary for configuration management. You don't need a large shop to maintain your environment. If you want to develop it, if you want to create new images all the time and that sort of thing, then you're going to need to staff yourself accordingly, however, not necessarily to support Endpoint Manager, just to develop those and payloads that it delivers.

    What other advice do I have?

    I'm a partner. I'm using the most up-to-date version of the solution.

    While the solution was on-prem initially, now it's converted to more of a hybrid. They have co-management so you can manage on-prem and cloud together.

    I'd rate the solution nine out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Amit Srivastava - PeerSpot reviewer
    Architect Lead at a tech services company with 51-200 employees
    Real User
    Top 20
    Works great with Windows but could be improved from a mobile infrastructure point of view
    Pros and Cons
    • "For Windows services, there are multiple options within Intune to modernize it to be more internet-facing and dynamic."
    • "Regarding mobile devices, Intune is good, but there are other services that I would say are ahead of Intune from an administration and reporting point of view."

    How has it helped my organization?

    This solution is on the cloud. What is required currently by our organization is an internet-facing device. The challenges with on-premise have a lot to do with this pandemic. This is why we've seen Intune with the MDM background grow so fast — because we don't have any on-prem limitations. On the cloud, you can manage everything. You can push policies, maintain patches, and maintain security because everything interacts on the cloud. A VPN is not required. In the legacy method, you need to use a VPN for anything and everything. This increases costs.

    What is most valuable?

    For Windows services, there are multiple options within Intune to modernize it to be more internet-facing and dynamic. Intune also provides us with a lot of flexibility to manage Windows-specific devices. 

    Mobile-wise, I like the MAM feature. It provides us with more control over the application identity levels. When combined with Azure, it provides us with multiple opportunities to design and construct a solution that meets a BYOD or CYOD model.

    What needs improvement?

    Regarding mobile devices, Intune is good, but there are other services that I would say are ahead of Intune from an administration and reporting point of view. These are a few things that could be improved from a mobile infrastructure point of view.

    From a reporting point of view, it could use some work. If I need to push a profile, it's a challenge with Intune because first I have to go ahead, remove a user, then add him back; only then does it allow me to push or sync. If it synchronizes, it exits on a cloud-based synchronization time. With AirWatch, there is a function where you can push a profile directly on a device. 

    Overall, Intune has improved from MDM. They have become EMM and now they're moving towards Unified Endpoint Manager. They're just beginning to compete in the market from a mobile point of view, but regarding Windows, they're great. 

    For how long have I used the solution?

    I have been using Microsoft Intune for more than five years. 

    What do I think about the stability of the solution?

    I'd say it's 99% stable. Azure being in the background has impacted it a bit, but overall, it's stable. 

    What do I think about the scalability of the solution?

    Currently, Intune is on track to exceed SCCM. In the near future, most companies will be using Intune. Currently, roughly 25% to 30% of companies use Intune. The rest of them, 40% to 50%, are still using SCCM and trying to evolve old solutions — this will change. This whole management model will completely change into a hybrid Intune model or a complete Intune model.

    How was the initial setup?

    The vendor ships the machine directly to you. All you need to do is connect it to the internet. It takes around 30 minutes or 40 minutes depending on the configuration. After that, you're ready to go. Post setup, if you need anything, you can simply go to the built-in Intune company portal and shop from there. This saved us a lot of time.

    Still, the initial setup was not straightforward. When we initially started with Windows, there were a lot of open items. There were a lot of things which were not there. Obviously, we couldn't just move a company directly from on-prem to cloud. There is complexity, there are some legacy procedures that we had to follow. At that point in time, Intune was not ready, but currently, there are a lot of options that can fulfill your security requirements, your network requirements, your application requirements, user accessibility requirements, and the user experience. All of these things are pretty much in the place now. To start with, it was not this way. 

    When I started using this solution, it took me roughly one year and three months to understand how to build it, to do due diligence, etc. Now, I can migrate an organization within 13 days.

    What about the implementation team?

    Implementation is a complete team effort. You have to understand a company from a network point of view, a security point of view, a compliance point of view, and a GDPR and HR point of view. These things take time to analyze; it's still maturing but it's a little bit better than what we had before. Now, after I have interacted with an organization, I can get it up and running within 15 or 16 days.

    What was our ROI?

    I never got a complete picture regarding how much we've saved thanks to this solution. Still, I think it's very significant. We stopped using a lot of services because we didn't need them anymore. We don't need a lot of resources — we don't need to procure them. We don't need a VPN solution, plus, shipping is all taken care of. 

    Which other solutions did I evaluate?

    I started my journey with AirWatch. It was primarily an MDM solution. According to Gartner, AirWatch and Microsoft are currently neck-and-neck. From an organization requirement point of view, regarding MDM, I'd say AirWatch is a step ahead of Intune.

    For the last four years, I've only used Intune. I don't know how AirWatch has improved over the last four years. Still, simple things, like pushing a profile are much easier with AirWatch compared to Intune. From a UI point of view, it's really easy for an admin to go ahead and work using AirWatch. From a deployment point of view, there are multiple options for retaining user data. 

    What other advice do I have?

    As long as it will not primarily be used for banking or security purposes, I would recommend Intune. If you work in a banking environment and are looking for a high-security solution, then I would recommend VMware, AirWatch, or Jamf. As I said, Intune is still developing. Maybe this will change after another year, but currently, regarding banking and security, AirWatch is a step ahead when it comes to mobile infrastructure policy. 

    Overall, on a scale from one to ten, I would give Intune a rating of seven.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Enterprise Computing Services Manager at a government with 10,001+ employees
    Real User
    Top 20
    Helpful in securing and managing devices, simplifying operations, and eliminating a lot of paperwork
    Pros and Cons
    • "Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly."
    • "It doesn't economize when you scale up. We have over 14,000 employees, and we have between 7,500 and 8,000 city-owned or personal devices being used to conduct city business. Its price can be improved. It is not a cheap solution."

    What is our primary use case?

    We use it to a small extent for approximately 1,100 devices. The biggest portion of it is used in the Aviation department, which is one of our departments. They have invested heavily in some customized software that they've developed in-house. It is put on the devices, and the devices are primarily used by field staff. It's basically a mixture of work order assignment and work order management, as well as record keeping. For example, I could have a technician who is assigned to go and do a preventive maintenance inspection on an HVAC component in one of the terminals. That request or work order is submitted to his device. When he gets there, he scans barcodes for the room he is in and for the piece of equipment that he is working on. So, they track their actual work order, work order status, workloads, and equipment life cycle, and that's all done through Intune.

    How has it helped my organization?

    It helps us in securing devices. It has eliminated a lot of paperwork. It has simplified record-keeping and maintenance of equipment, life cycle management, staff workload, work hours, et cetera. That's the biggest impact on us, and that's also where most of the devices are used.

    What is most valuable?

    Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly.

    What needs improvement?

    It doesn't economize when you scale up. We have over 14,000 employees, and we have between 7,500 and 8,000 city-owned or personal devices being used to conduct city business. Its price can be improved. It is not a cheap solution.

    For how long have I used the solution?

    It has been years since it was implemented.

    What do I think about the stability of the solution?

    Its stability has been fine. We've had no issues at all.

    What do I think about the scalability of the solution?

    I don't see any issues with it. We currently have only about 1,100 users and licenses for the Intune product. The largest portion or over 50% of usage is by our Aviation department for tracking and managing their work order, workload,  equipment life cycle, etc. Other users are scattered in small numbers throughout a number of departments. 

    Our Parts department also uses it. One thing that's a little bit unique is that they also have these assigned to temporary workers. So, we provide the licenses for a number of temporary workers for the summer or for the winter, and then we take them back and reassign them to somebody else. 

    The other departments mostly use it for educational or small use cases where they think this will be a good fit, and it is the product that is available to them. I've heard nothing bad about it, and I have no problem at all with Intune.

    In terms of future growth, we're currently looking at another product, but that doesn't mean we're going to go with that other product. We're working with a vendor on another solution, and that vendor also has a mobile device management product, but we're not yet ready to go there.

    How are customer service and support?

    I've no direct input on it. Right now, we're on unified support, but we've always had their premier support. If we ever have a problem with any of our Microsoft products, including Intune, we do have a way to reach out and get additional assistance.

    Which solution did I use previously and why did I switch?

    I'm not aware of any other solution being used. I know there were one or possibly two failed mobile device management project implementations. I was not a member of the department then, so I don't know the details. I only know that both of the deployments failed. In other words, either the vendor promises were not met, or we found a function that was supposed to exist but did not exist. 

    How was the initial setup?

    It was pretty straightforward. It was not a very long, complex, and involved process. It was fairly easy to set up.

    What about the implementation team?

    It was done in-house. For its maintenance, we have no one dedicated to it. Our client computing side takes care of that.

    What was our ROI?

    I've never tried to quantify an ROI for the program. We have just a small number of devices. At some point, we will look at implementing large-scale mobile device management, and that'll be a different case where we may look at Intune, Workspace ONE, or another product.

    What's my experience with pricing, setup cost, and licensing?

    It is not a cheap solution. The price for a device when you start using it at a large scale can be improved.

    It is covered under our enterprise agreement. We pay once a year. I am not aware of any additional costs.

    What other advice do I have?

    It meets the basic security needs and management needs for most organizations. It allows you to monitor the security of devices and manage those devices if they're organization-owned. It is fairly easy and straightforward to manage. It is not difficult. Some of the other solutions are a little bit more difficult.

    I would rate it an eight out of 10. It meets all the basic needs that most organizations will have for device management and device security. I am not sure if it can provide the required level of security for different business scenarios that require additional security, which means you'd have to run two systems in tandem.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    System Engineer at a tech services company with 201-500 employees
    MSP
    Top 5
    Great patching for Windows, but not for MacOS
    Pros and Cons
    • "Application deployment and keeping the devices secure no matter where they are, by having this cloud solution — that has been great."
    • "There needs to be more support for Mac operating systems."

    What is our primary use case?

    We use Microsoft Intune for application deployment and for some of their security policies and end-devices policies. We also use it for patching. Patches for Windows 10 devices and MacOs, we're still figuring out what to do because we don't have many options on Intune for Mac operating systems. Patching and looking for OS deployment as well. Operating system deployment.

    Within our organization, there are roughly 150 users, using this solution.

    We use Microsoft Intune on a daily basis. What Microsoft does, is it releases patches every month. The device hash reports to Microsoft Azure Intune. If you want it to receive patches or policies, which you have created on Intune and you have deployed, then the device will receive the policies and patches only if it's online and connected to the internet. Whenever the device is online and connected to the internet, it's connected to Intune. You don't have to worry about having an additional agent or anything on your devices.

    What is most valuable?

    Patching for Windows in operating systems is great. Most organizations are going remote now due to this pandemic, so patching is one of the most feasible solutions we can think of — patching end-user devices. Application deployment and keeping the devices secure no matter where they are, by having this cloud solution — that has been great. Deploying the security policies to the devices. 

    What needs improvement?

    There needs to be more support for Mac operating systems. Support for patching, because we have very few, or minimal options from Intune for patching Mac operating system.

    In the next release, I would like to see better compatibility for Mac operating systems — that would be really helpful. Also, if the support for Mac was as flexible as it is for Windows, that would be really appreciated.

    For how long have I used the solution?

    Personally, I have been using this solution for the past 13 months.

    What do I think about the stability of the solution?

    I haven't experienced any issues relating to stability.

    How are customer service and technical support?

    We have spoken to the technical support on a few occasions. They have only ever provided us with minimal information. 

    Which solution did I use previously and why did I switch?

    We used to use a SCCM or System Center Configuration Manager tool; it was also provided by Microsoft, but it's an off-prem tool. You need an on-prem setup and a server operating system and everything. On that server operating system, you can install this tool and start using it. We also used another tool called Automox, which was a patching tool. It's only meant for patching devices, different operating systems, Linux operating system, Windows, Mac operating system; however, it didn't have support for mobile devices.

    How was the initial setup?

    The initial setup is a very simple process. You don't have to do anything on on-prem. Since it's a solution from Azure, it's a software service. You just have to buy the subscription. You just need to have the license in place and then you can just start using it. There is not much setup involved. If you want to integrate your Azure solution with your on-prem solutions, then you have to do a bit of integration.

    If you're going with standalone Intune, you don't have to think of setting up anything. You can just use it, pay for whatever your problems are, find a solution for that, and start using it — that's all. You don't have to worry about the setup for standalone Intune.

    What about the implementation team?

    All maintenance is handled by the vendor.

    What's my experience with pricing, setup cost, and licensing?

    Licensing depends on how you are providing support to your enterprise, whether it's device-based or user-based. If you're providing device-based support, you need to buy a device pertaining license. If you're providing support for users, then you have to go with user licenses. If are integrating Intune with FSCM, which is an on-prem tool, then the same scenario comes in either devices or users.

    If you are providing support only for devices, like device-based policies, with Intune, there's a type of policy that allows you to deploy to either the devices or users. If you're looking for a solution where only devices can receive it, rather than users, in that case, you need to purchase only one license for Intune — I'm talking about integrating Intune with FSCM. You only need to purchase one license. Since you have already purchased FSCM on-prem, Microsoft has that flexibility; you can extend those licenses with the devices as well when you're integrating the devices with Intune. I don't know about the pricing, but I know about the licenses.

    What other advice do I have?

    I would absolutely recommend Microsoft Intune. Currently, I would definitely recommend any cloud solution. Most organizations were actually using on-prem solutions for managing their enterprise devices. Now, since everything is remote, people are confused. How can they manage their devices the same as they were before this pandemic? If they find Intune very pricey, they can go with another cloud solution. Intune it's very user-friendly. You just have a screen and console and you can just go in and start deploying anything. All you need are the user guides, which are fully-available with Intune.

    Intune is a very good cloud solution for managing devices. They could actually make it better by putting everything together, in one place, like other MDM solutions are doing. If you compare Intune with VMware, VMware also has an MDM solution called AirWatch. Intune should compare itself with other MDM solutions and try to bring up those features as well. For right now, I would just say it's a very good solution for managing remote devices.

    On a scale from one to ten, I would give this solution a rating of six.

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Peter Augustin - PeerSpot reviewer
    Communication & Collaboration Department - Global Messaging & Mobility Specialist at a pharma/biotech company with 10,001+ employees
    Real User
    Top 10
    Good pricing, excellent scalability, and offers integration with conditional access
    Pros and Cons
    • "We already use a lot of Microsoft products in our company, and therefore, it made sense to also use this product."
    • "There are a lot of small use cases where we realized that some technical solution was missing in Microsoft in comparison to other products. For example, it lacks something similar to sensing or location-based rules and configurations."

    What is our primary use case?

    We primarily use the solution for device management. 

    There are a lot of use cases, however, the base is the mobile security for our corporate devices and deployment of applications. We are a worldwide organization and in many countries. There are also country-based use cases, or areas that incorporate these use cases for some specific business units such as healthcare and similar SAP solutions. We have a lot of small areas where we use this, however, the main driver is improving the security of the devices and providing some automation configuration for the users including VPN solutions and corporate WiFi connections, applications, et cetera.

    How has it helped my organization?

    If I compared this product to XenMobile, except the conditional access, which was also partially possible to integrate with Citrix XenMobile, then there is not much difference between the two. The functionality s very good. However, the main way this has improved our organization is that there is support for conditional access and native integration with Office 365 services which we migrated to. 

    What is most valuable?

    The integration with conditional access is great. That's maybe the most important aspect of the solution.

    The pricing is very good.

    We already use a lot of Microsoft products in our company, and therefore, it made sense to also use this product.

    For the most part, the solution is stable.

    As a cloud solution, the scalability on offer is great.

    What needs improvement?

    There are a lot of small use cases where we realized that some technical solution was missing in Microsoft in comparison to other products. For example, it lacks something similar to sensing or location-based rules and configurations.

    We would like, for example, integrated remote control or a remote session tool or something like this. You must have TeamViewer and the integration with this is limited and it's extra money. Nothing is built-in. Some functionalities are really limited to fully managed devices and so on. It took a long time for them to integrate the big ECS infrastructure into the corporate devices. This is now done, however, it took a longer time than expected.

    Technical support could be h=better.

    For how long have I used the solution?

    We've used the solution for the last three years, starting with the integration. 

    What do I think about the stability of the solution?

    The solution is pretty stable. As it is in the cloud, there are not many issues in terms of a service outage or things like this. Maybe when there are new patches integrated every month, which sometimes happens, some functionality may be influenced or affected. It's more or less a small issue, however, issues are possible. I don't recall a situation where downtime happened or users were really affected, however. It's just an occasional issue we may have with a patch that we would need to address.

    What do I think about the scalability of the solution?

    The solution is quite scalable. As a cloud product, there are no issues surrounding expanding if you need to. 

    We have maybe 27,000 people using the solution at this time. There is a plan to have all mobile users in this solution, so we are talking about 70,000 users at some point. However, it's a question also of the licenses, as you have to have a license for that product.

    How are customer service and support?

    Technical support is hit and miss. Sometimes it's really good and other times it's not so great.

    Which solution did I use previously and why did I switch?

    We used Citrix Endpoint Management in the past. We used it about two years ago. It was a good product. They are comparable, really, Citrix and Microsoft. 

    How was the initial setup?

    I was not involved from the beginning of the project. However, from what I remember, we did the implementation directly with the help of a support engineer from Microsoft. Their involvement ensured the setup was not such a big deal.

    Deployment took maybe one year in our environment, however, this was because we had a lot of time to tune it up and to test it, to have a pilot for a few months and then add more people to the pilot before we started migrations for mobile, for example. We took our time to really prepare the product as best as possible and then deployed it to the users and migrated them over.

    We have two levels of people at a global level that handle deployment and maintenance. They mostly focus on improving the environment, not troubleshooting WiFi issues. 

    What about the implementation team?

    We had direct assistance from Microsoft. Their assistance made the process seamless and it was a positive experience.

    What's my experience with pricing, setup cost, and licensing?

    The solution offers reasonable pricing.

    It's my understanding that we have the licensing set up for monthly payments, however, it's not an aspect of the solution I'm directly involved with. I don't know enough about it.

    That said, I am aware that, in order to have mobile involved, you need the EMS solution or EMS license, and that's an extra cost to the standard Office license.

    What other advice do I have?

    We're just a customer and an end-user.

    As we are on the cloud version of the solution, we are more or less on the latest version of the solution.

    The product was chosen for political reasons, as the company is mostly using Microsoft products and also the prices were maybe better than other options. 

    I'd recommend the solution to others. If they are already using Microsoft or 365, it's a good product for companies sot have. 

    I'd rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Specialized Engineering Manager (Digital Workplace & Unified Communications) at a comms service provider with 10,001+ employees
    Real User
    Comes bundled with Microsoft 365, saves money, and has a pretty easy initial setup
    Pros and Cons
    • "If you need only to load a specific profile and you don't have deep security functionalities, et cetera, Intune is very nice and good."
    • "They need to integrate more with security options."

    What is our primary use case?

    The solution is primarily used to manage iOS, Android, and also Windows 10 or Windows 11. It's to manage end-user devices.

    What is most valuable?

    The best thing about Intune for the customers is simply that it's included in the different plans of Microsoft 365. If a customer needs Office or collaboration tools, Intune is included. It's for free. If the company has another MDM, normally they are paying for it. This product is included in the license of Microsoft 365. We find that the customers, in general, want to change the solution, to move from another classical MDM to Intune due to the fact that they save money.

    If you need only to load a specific profile and you don't have deep security functionalities, etc, Intune is very nice and good.

    The initial setup is very simple.

    What needs improvement?

    If you need some restrictions or some integrations or you need integrations with security options, or if your mobile terminals are industry-special or ruggerized, bar code readers, printers attached, this might not be the best option. If your MDM has to be really specific, perhaps Intune is not the better option. You have to consider MobileIron or Workspace ONE or MaaS360 or similar.

    They need to integrate more with security options. When the customers want some specific security functionality they begin to think about other platforms. 

    What do I think about the stability of the solution?

    The stability is very good. There are no bugs or glitches. It doesn't crash or freeze. It's pretty reliable. 

    What do I think about the scalability of the solution?

    Scaling is simple. It depends on the licensing. If you have licenses for that, the only thing you have to do is to continue with the enrollment of the terminals. It's very easy. You have to assign the terminals to a group of users with different restrictions or policies and that's it.

    How are customer service and support?

    With the CSP licenses, we as a cloud service provider, are obliged to provide services. With our service, we provide support to the licenses. When we sell licenses differently, in the LSP scheme, then we have to sell the premium service for the customers.

    I don't use it directly. That said, I know the ratings of the services that we provide for our services. The only thing that I should say is that normally when we have an SLA with a customer for Microsoft, there is a specific response time that we can provide as a service provider. They do not consider that. They say, "Our service is this. This is our SLA." Then, our service level agreement is eight hours. 

    Sometimes, when you offer a service level agreement with a customer, the support of the manufacturer or of the vendor is included. It's the only thing that, if you are providing services on an end-to-end basis, you have to consider. Sometimes, when you call Premier Support and you say, "Please, I need a solution before six hours," it doesn't matter for them. They say, "I have not six. I have eight, so don't call me if I'm in the eight hours."

    How was the initial setup?

    It's very simple to set up. To set up the terminals, it's very easy. You have a manual, and it's very easy to follow. You can configure functionalities for specific users or a specific group of users or things like that. It's great.

    The time it takes to deploy depends on the number of terminals and it also depends on the number of different groups. Perhaps you have to configure the different policies for different groups. That might take longer than a straightforward setup. In an installation with, for example, 1,000 terminals, it typically takes less than a month -three weeks or so.

    I don't personally handle the deployment myself, however. I offer it to clients. I'm not the one to actually do the manual work of implementing it. 

    The amount of people we need to deploy a solution depends on the number of terminals that we have to manage.

    Some customers configure everything at the beginning and nothing changes over time. That said, we have other customers that they are continuously asking for changes. This group of customers will likely need three people more to handle maintenance. For every 1,000 devices, you typically need one and a half full-time employees.

    What was our ROI?

    In terms of ROI, it depends. If you have licenses included in your plan for M365, Microsoft 365, from the very beginning, if you have to sell that, it depends on the business case that you can do. It's different if you buy a CSP or LSP license.

    One kind is considered as a cost and another is considered as an investment. The LSP is an investment. 

    In the products and services space, from a pay-per-use perspective, I don't see a relationship between this product and ROI. 

    What's my experience with pricing, setup cost, and licensing?

    There are different kinds of licenses. We sell two licenses from Microsoft, the LSP or the CSP. The service that we have with Microsoft is based on the CSP kind, so the payment is monthly, considered as an expense, not an investment o asset. It depends on if you buy a set of licenses only for Intune - which can be sold separately, or can be included in M365.

    What other advice do I have?

    We are gold partners with Microsoft.

    I would rate the solution at a nine out of ten.

    For simple installations, for simple management, perhaps Intune is fine. However, for more complex installations, it might not be enough.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: business partners
    PeerSpot user
    Buyer's Guide
    Download our free Microsoft Intune Report and get advice and tips from experienced pros sharing their opinions.
    Updated: November 2022
    Buyer's Guide
    Download our free Microsoft Intune Report and get advice and tips from experienced pros sharing their opinions.