Microsoft Intune Reviews

For the most part, we use it to manage mobile devices. Most of the time, they are Windows devices. We manage them by deploying policies so that we can control the antivirus on them and enable BitLocker to encrypt internal drives. We can also control and maybe lock down some Windows settings to ensure that people are locked down and they can only access certain applications.

By implementing Intune, the biggest problem that we wanted to solve was the protection of company data. We wanted to ensure that if a phone or a laptop gets stolen, the company data does not fall into the wrong hands. Secondly, we wanted protection against any rogue employees who might resign or send company data to any of the competitors. So, for the most part, it was device security and governance. They ensure the protection of company data. That is the biggest problem that gets solved with Intune.

Mobile application management has been the best for mobile devices. It is the most efficient and most sought-after feature compared to full mobile device management. When it comes to personal devices, most people feel that the features and the policies are too invasive, and you are interfering with personal data. This is why mobile application management has been the best feature for cell phones. This is the feature that has been deployed the most.

Intune has supported us in terms of efficiency. It makes work easier and reduces internal IT admins' workload. Instead of an admin having to manually install an application on a device, the auto-deployment feature for the application has tremendously reduced the time that an IT admin spends on end-user devices.

Intune along with Defender 365 brings all endpoint and security management tools in one place. It is not only Intune on its own. You do have the Defender 365 component as well. However, for device management, Intune does bring it all together, and you can do at least 80% to 90% of your management from Intune.

It affects our IT and security operations positively. It allows for increased security and most definitely assists with efficiency and time management. It has saved about 30% of the time overall.

Intune is very easy. As long as you have the knowledge, it is very easy to navigate, and they are always improving. It just gets easier and easier as the months and years go by.

With Intune, we have better security, improved device management, and ease of policy management. We spend less time trying to configure devices. There is better time management, ease of access, ease of deployment, ease of patch management, etc.

I use Intune's Endpoint Privilege Management feature. It works quite well, and I am quite satisfied with it.

Intune affects the users positively. It allows the end users to request access when needed. It also reduces the time spent by IT administrators. They do not have to contact users to initiate remote support calls whenever something has to be installed. It definitely increases security and enables less reliance on internal IT support.

It saves costs. There is probably 20% to 50% cost savings. It all depends on the size of the client or business, but there are definitely cost savings.

Intune has most definitely helped to consolidate vendors. This consolidation of vendors has affected our security posture most positively. There are some security vendors out there that are still slightly better with certain features that Intune does not have yet, but in terms of consolidation, it reduced costs, which is definitely a positive.

Intune integrates pretty well with other security solutions in the IT environments that we have. I would rate it a ten out of ten for that.

The security features are most definitely valuable. If I have to give an example, the lockdown features that prevent employees from configuring anything or downloading company data are valuable. We get high-quality device protection, malware protection, and information protection at the same time.

For autopilot, there should be more granularity on the settings that they offer at this stage.

The licensing model that they have for Intune add-on products should also be better. For enterprise app management, as well as endpoint privilege management, currently, there is an add-on license that the customers have to pay for. Microsoft needs to improve its costing model for that so customers would be more interested in utilizing those features. They should not have to pay additional costs for that.

In terms of securing hybrid configurations, they are not 100% there yet. There is definitely room for improvement. Overall, I am about 80% satisfied when it comes to that.

I have been using Intune for at least six years now.

It is pretty stable. I would rate it an eight out of ten.

I would rate it an eight out of ten for scalability.

Our clients are small, medium, and enterprise businesses.

I would rate them a five out of ten. They used to be great, especially when you purchased premium support. However, over the last year or two, their support has definitely deteriorated, but that definitely does not affect my recommendation to use Microsoft products. I would definitely still utilize them because the support is not always poor. There are times when you do get excellent support.

Neutral

I do have experience with other vendors. It depends on which product we are referring to, but in terms of ease of use, I would definitely put Microsoft high up on the list. In terms of consolidated management, you can do everything in one place, whereas in other products, you might need three or four different products to accomplish the same thing.

Its deployment model depends on the client. We have all kinds of deployment models.

Its deployment is average in terms of complexity. It is highly client-dependent. If it is a new client, the deployment is very easy. If it is an existing client, it can be moderate to very complex.

The deployment duration is also client-dependent. It can take a couple of days or a couple of weeks.

It requires maintenance. It is not maintenance in the sense that you must do something to improve it. As new features come out, they change the policies. You must deploy the new set of policies as Microsoft recommends it, but it is not high maintenance. It requires occasional maintenance.

It is average. Some of the costs are quite high depending on what the customer currently uses, but overall, it is not bad. I would not say that I would not recommend Intune based on the cost. I definitely would, but they can definitely improve on the cost. So overall, its cost is not bad.

I would definitely recommend Intune because of the improvement in efficiency and security posture and ease of management.

I would rate Intune an eight out of ten.

I am using Microsoft Intune for a trading company, Where I need to establish a secure administrative role for this product. We utilize Intune to manage Android, iOS, and Windows devices. We use it primarily to secure devices, deploy applications, and enforce security policies. Additionally, when employees leave the company, we can remotely wipe devices or applications, especially if personal devices are used for business purposes.

Microsoft Intune consolidates our endpoint and security management tools into one dashboard.

The user experience is generally positive. While specific changes can sometimes introduce minor issues, these are often related to device operating systems, particularly variations in Android labeling. Consequently, a small percentage of users have reported inconsistencies across different devices. Overall, however, the platform is effective, with 90 percent of users finding Intune a good user experience.

Our team manages most of the security measures we implement, specifically those related to conditional access. This involves deploying various conditional access policies, which I believe is a positive development. Intune has significantly enhanced its capabilities, allowing us to restrict and secure access to corporate data more effectively.

Enterprise application management is a valuable tool for managing non-corporate devices, commonly called Bring Your Own Device. By implementing this feature, companies can protect sensitive data from potential breaches. Intune offers a promising starting point for organizations seeking to adopt this strategy, as it enables control over infrastructure data.

In my experience with management products, Microsoft Intune is a reliable tool for most of our needs, providing a strong foundation for company-wide management. While initial configuration is required, Intune consistently delivers a positive experience for managing applications and devices once established.

Intune is excellent for managing applications from the outset. It allows for robust corporate data protection by implementing Mobile Application Management policies and conditional access, ensuring all data is secure quickly. This strong security foundation enables organizations to leverage Intune's additional benefits fully.

The ease of applying security policies to applications we deploy is the most valuable feature of Microsoft Intune.

Sometimes, the process is unsuccessful when we attempt to reset a device and wipe the data using Intune. This inconsistency requires improvement.

I have been using Microsoft Intune for almost seven years.

Support has been helpful in resolving some issues, but response times are inconsistent. Initial troubleshooting can be lengthy, especially for complex problems. While they sometimes guide us effectively, resolution speed varies widely depending on the issue's complexity. Support performance is inconsistent, with some instances of rapid assistance and others marked by excessive delays.

Positive

The initial deployment was complex because there were many steps, and I failed to get the full results. It took a week to complete, and one person was enough for the deployment.

Microsoft Intune is reasonably priced for large organizations that already have Microsoft Enterprise licenses, but it is less affordable for smaller businesses.

I would rate Microsoft Intune seven out of ten.

Because of all the training and information, it took me a couple of years to see the benefits of Microsoft Intune.

Managing deployed applications requires maintenance, but Intune, being cloud-based, does not necessitate such upkeep.

Public Cloud

I use Microsoft Intune to configure policies and manage devices.

We implemented Intune to manage devices for specific users and departments, including device ownership and access control.

I would rate the Intune user experience eight out of ten. About two years ago, I was a team leader with an apprentice. Before the apprentice arrived, we hired another employee who, on his first day, asked what Intune was. I was surprised he didn't know but was comfortable with it within a few days. In the last few years, Intune has been user-friendly.

Intune Suite provides robust security at the operating system level.

The enterprise application management feature is functioning well in its current state.

By leveraging cloud infrastructure instead of private systems, Intune has offered increased remote security and greater ease of access. While I still appreciate SCCM's capabilities, I am satisfied with Intune's performance.

I would rate Intune's ability to secure hybrid work and data on company devices as nine out of ten.

Due to the infrastructure being used, Intune has helped save a minimum of 30 percent of our cost.

It is important that Intune is integrated with Microsoft 365 and Microsoft Security for cloud and co-managed devices because integrating user accounts is easy.

Intune consolidates endpoint and security management tools into a single platform, but its exclusive focus on Microsoft devices necessitates supplementary solutions for Android and iOS. While Intune simplifies numerous tasks, it doesn't provide a comprehensive, all-in-one solution, requiring access to platforms like Azure or AD for specific functions. Although valuable, Intune's primary challenge in a corporate environment is the complexity arising from overlapping rights and processes across departments due to its extensive management capabilities. As a global admin, I would implement changes to address these complexities and streamline the management process.

Intune's role structure is overly complex, with too many layers creating unnecessary access hierarchies. While users can mitigate this by limiting active roles, I suggest streamlining the menu structure to improve usability. For instance, combining device lists for Autopilot and Intune would be beneficial, as these functions are closely related but currently separated. Redefining categories and consolidating menu paths would enhance navigation and make finding features easier. Essentially, I propose simplifying Intune's interface by better organizing its components.

I would like to see more tooltips, such as those brief descriptions that appear when you hover your mouse over something. For example, when you move your mouse over the "delete" button, a small box could pop up explaining that the object will be deleted but can be restored. This is especially important for grayed-out options. Users should be informed why they cannot perform certain actions, such as requiring a different role, object unavailability, or access through a different part of the system. Tooltips would significantly reduce the time I spend explaining these limitations to others.

Intune Suite's remote command functions could be improved for security. Internet connectivity is required for remote resets, and other actions are limited. I propose a potential solution involving automatic device lock after a specific period without check-in, allowing access only upon reconnecting to the internet. This would enable remote management functions without a constant internet connection. Additionally, the current unreliability of remote command execution, often requiring multiple attempts or restarts, is frustrating and needs addressing.

While the ability to deploy applications at startup is reliable, the policy-based application deployment method has not reached the same level of consistency. This inconsistency between the two methods is a key area for improvement, as reliable startup deployment is a benchmark for the desired level of reliability in policy-based installations.

Though reluctantly, we are utilizing Advanced Endpoint Analytics as application installs and compliance policy issues plague it. Comm client policy errors frequently skew statistics, providing an inaccurate representation of our day-to-day operations. These misleading metrics are largely due to other Intune component problems. While we can access analytics, we often manipulate data to exclude irrelevant demographics and metrics, such as application install failures, to produce more accurate reports. Similarly, device compliance statistics are unreliable indicators of fleet performance. While Advanced Endpoint Analytics offers potential utility, it primarily highlights underlying issues requiring resolution rather than providing actionable insights.

We can rectify endpoint anomalies. However, we overlook many others unless issues are exceptionally critical and high-priority. While Intune Analytics is a system component we utilize, its performance metrics are underwhelming. Conversely, our other ITSM infrastructure metrics are quite positive. Intune Analytics requires significant troubleshooting.

Intune is not as streamlined as SCCM but offers greater accessibility. While Intune is more assured, SCCM ultimately proved more efficient in terms of time spent.

I have been using Microsoft Intune for six years.

I would rate the stability of Microsoft Intune nine out of ten.

I would rate the scalability of Microsoft Intune nine out of ten.

The technical support is good.

Positive

I would rate Microsoft Intune seven out of ten.

We are working to expand Copilot's utility beyond its current primary use case of text-based summarization, which offers limited business value. While it aids productivity in meeting contexts, it does not significantly contribute to tasks that generate value. Consequently, we are investing resources in improving Copilot's capabilities without seeing commensurate returns.

Intune is an accessible system and one of the industry standards, so there's not a lot that you'll be left wanting.

Public Cloud

Microsoft Azure

We opted for Microsoft Intune for endpoint management within our Microsoft solution bundle.

Intune unifies our endpoint and security management tools.

Managing our devices in a single solution helps our IT security operations.

The user experience is good, especially for SIS Administration.

Intune provides 90 percent visibility and IT control across device platforms.

Intune helps us secure our hybrid work.

Our information security team has been quite satisfied with our organization's security posture since deploying Intune.

Microsoft's E3 and S3 subscriptions keep us within their ecosystem and enhance our IT productivity, eliminating the need for third-party solutions.

With the implementation of Intune the risk of security breaches has been decreased.

Intune's unified platform has saved our organization money by eliminating redundant costs, like extra licenses and the need for multiple solutions for the same tasks.

Intune helped us consolidate vendors. This consolidation has improved our security posture.

It is important for us that Intune integrates with Microsoft 365 and Microsoft Security for both cloud and commonly managed devices.

Intune's unified endpoint management platform is invaluable.

Microsoft Intune is not user-friendly to manage and has room for improvement.

The detection and prevention of end-user data leaks from mobile devices can be improved.

I have been using Microsoft Intune for nine months. 

The first level of remote support is inadequate. While the E5 license grants access to advanced support, I've encountered instances where the technical support team deflects responsibility. For example, a recent issue with Microsoft not syncing properly with the cloud was attributed to Windows and redirected to another team. Due to Microsoft's overall responsibility for their products, I believe since it all falls under the umbrella of Microsoft, they should deal with it.

Positive

Once we create our tenants, the migration and synchronization of the users to the cloud services is straightforward.

We deployed the solution in phases and it took around three months to complete. Three people from our end were involved in the deployment.

Our Microsoft partner helped with the deployment.

We evaluated IBM, Ivanti, and Workspace ONE but our management decided to move away from third-party platforms to simplify and save costs.

I would rate Microsoft Intune a nine out of ten. Intune is missing a single-pane-of-glass, requiring us to jump through multiple portals to manage all our devices.

We have 3,000 users.

Microsoft Intune is a top-notch solution and I recommend it.

Hybrid Cloud

Microsoft Azure

I use Microsoft Intune on corporate devices as well as bring your own devices. It is always within an enterprise environment. I deal with industries such as manufacturing and health.

Microsoft Intune provides a more secure way by offering MFA policy, conditional access policies, and R-back policies. I can set up all my GPO policies, and Microsoft is moving these features to Microsoft Intune.

I could not discuss all the areas that need improvement due to time constraints. However, there are definitely challenges that could be addressed.

I have been using Microsoft Intune for around five to six years.

I rate Microsoft support between six to eight. The support often involves third parties hired by Microsoft who are knowledgeable, but sometimes the help I receive is not adequate.

Neutral

I previously used Blackberry until it was discontinued, which led me to switch to Microsoft Intune.

The setup is not difficult. The deployment time depends on the project specifics.

I rate the return on investment for Microsoft Intune as seven out of ten.

The pricing and licensing depend on my company's budget. If the company can afford it, it is manageable.

Overall, I would rate Microsoft Intune as eight out of ten.

Other

I use Microsoft Intune to manage devices and Windows, including Linux and macOS. It provides a zero-touch experience for provisioning mobile devices like iOS, iPad, Android, and macOS. It offers security and serves as a management tool where multiple products can be managed.

Microsoft Intune helps me manage devices and Windows, including Linux and macOS. It provides a zero-touch experience for provisioning mobile devices like iOS, iPad, Android, and macOS. It offers security and acts as a management tool where multiple products can be managed. Having all endpoint and security management tools in one place reduces the IT department's workload, making provisioning devices faster compared to traditional methods.

The reporting part needs improvement, and it would be beneficial if it could integrate with third-party tools instead of just Power BI. Additionally, the inventories could be enhanced.

I have ten years of experience working with Microsoft Intune. I also have experience with Jamf Pro, which I have used for four years.

I can give Microsoft Intune a ten out of ten for stability.

I can give Microsoft Intune a nine out of ten for scalability.

Customer service is good, and I would rate it nine out of ten.

Positive

I did not use any other solution before Microsoft Intune.

The initial setup was conducted in-house, and no external integrator or consultant was used.

We did not use an integrator or consultant; everything was done in-house.

Microsoft Intune is a cost-saving solution, reducing IT department workload and allowing for faster device provisioning compared to traditional methods. However, I am not sure about the exact savings per month or year.

I find the price somewhat affordable.

I never evaluated any other options before choosing Microsoft Intune.

My advice is to improve the reporting capabilities and integrate with third-party tools. I rate the overall solution nine out of ten.

Public Cloud

Other

I'm working with InTune on the user side. It's used for device enrollment and mobile device management. It's used for remote desktops and remote control for compliance. 

The solution helped us resolve user enrollment issues. Sometimes, users want to reset, for example, file server systems and Intune ensures a user can't just enroll any new systems.

The mobile device management is very useful. With mobile device management, we can monitor everything and control devices. We can monitor devices and fix things on remote desktops. 

Intune brings all endpoints and security management tools into one place. This helps us monitor everything from one portal. We can exclude any PowerShell command. It helps us not only monitor for but also fix any problems. We can add and remove items remotely from any device from a single place. 

The solution has a helpful feature called Co-Pilot. We can access it via the portal and configure it as we need. However, I have not used it myself. 

We use Intune with a hybrid model. We can connect it easily to other services. 

With the ability to monitor everything from one place, our security is quite good. The level of security is better. I'd rate the level of security we've been able to achieve ten out of ten.

It's positively affected IT productivity in our organization. Having Intune has made our IT engineers more effective. They can use the cloud portal from anywhere and at any time to easily adjust or deploy whatever users need. 

We've been able to save money compared to using SCCM. Intune has helped from a cost-savings perspective, although I can't speak to exact costs. 

There are a lot of updates happening on Microsoft.

I've used the solution for about six months. 

I haven't had any challenges with stability.

I haven't come across any limitations in terms of scalability. 

I've never had to reach out to technical support.

I also use VMware. 

The initial setup was straightforward. We simply needed to create an account don't he Microsoft side and then we can go and get licenses. 

I administrate and maintain Intune for the company.

I don't have any visibility in regards to Intune pricing. 

I'd recommend Intune to others. I'd rate Intune ten out of ten. 

Public Cloud

We use Intune to manage endpoints as a centralized enterprise solution. Instead of relying on Active Directory or an on-premise system, we directly manage employee devices using Microsoft Intune. Intune, a cloud-based SaaS product, simplifies endpoint management. From a user perspective, it's an improvement. Users no longer need to be on the office network. They can set up their devices anywhere with an internet connection, whether at home or another location.

Security is also enhanced. By using Intune as a mobile device management solution, we can implement security controls and restrictions on endpoints. Intune helps us achieve a balance between user experience and security.

Managing remote employee devices with Microsoft Intune is easy. Intune acts as a central platform for deploying controls, policies, and applications to our endpoints. It simplifies the delivery of these configurations to our remote workforce.

Intune simplifies our mobile application management. Once implemented across the organization, it will eliminate our reliance on on-premises solutions. Previously, managing endpoints required using our System Center Configuration Manager. Now, Microsoft offers a unified solution called Microsoft Endpoint Manager. Intune, a key component of this suite, allows for convenient device enrollment over the internet, streamlining endpoint organization.

Intune helps bring our endpoints and security management tools into one place.

Consolidating endpoints and security management tools simplifies IT and security operations. This unified approach offers a single solution or console for all tasks. Role-based access control ensures each administrator only sees and modifies what's relevant to their role. For example, the security team can access Intune solely for security-related functions, while the patch management team has its own set of permissions. This centralized management is significantly easier to handle than using multiple third-party tools. Intune provides a comprehensive solution where everyone can configure settings – security, endpoints, controls, etc. – within a single platform.

Intune offers endpoint visibility and IT control across various device platforms. It simplifies troubleshooting and device management compared to other solutions. Intune excels in providing a comprehensive solution. We can manage applications, security controls, and patching processes all within Intune. This eliminates the need to rely on three separate solutions. With Intune, everything is consolidated into a single platform, allowing for combined reporting and streamlined issue resolution.

Enrolling endpoints with Intune is a breeze! The overall user experience is excellent, easily a nine out of ten.

There are three critical features of Intune for maintaining our devices' security. Endpoint encryption ensures data on the device is scrambled even if it's lost or stolen. Intune supports BitLocker encryption for Windows devices and file-level encryption for Mac devices. Defender is a comprehensive security solution that helps protect devices from malware, viruses, and other threats. Compliance policies in Intune allow us to define security requirements for devices. These policies can enforce encryption, complex passwords, and other security settings. If a device doesn't meet the compliance policy, it can be restricted from accessing organizational resources. Intune can also send notifications to users or administrators when a device becomes non-compliant.

In the initial stages of migrating from our on-premises solution to Intune, we relied on device compliance policies. We configured these policies to require the latest antivirus signatures, specifically targeting developer devices. This ensured compliance and minimized the risk of non-compliance impacting their work. While compliance policies were initially used, we've since transitioned to Microsoft Defender, which now plays a major role in our device security strategy.

Intune's application deployment feature has significantly improved efficiency in our IT department. As one of its key functionalities, Intune allows deployment of a variety of applications with different extensions, such as .DXE or .MSI files. However, for applications requiring custom license scripts, batch files, or executables, Intune provides its own Windows app deployment toolkit. This toolkit facilitates the conversion of these files into a format compatible with the Intune app store and its update system.

The user interface is easy to navigate. Microsoft provides monthly updates that introduce new features. Previously, they provided pie chart visualizations for complaint and policy control status reports. These have been transitioned to standard chart formats. Overall, the UI continues to improve with each Microsoft update.

Company-owned devices are subject to a different set of policies. These policies may be very strict, restricting certain functionalities, or they may prioritize security above all else. On the other hand, for BYOD programs, we provide users with certain privileges for their mobile devices and laptops. We create a secure, isolated environment in a sandbox to manage the devices within that environment. Security is a major consideration for both BYOD and company-owned devices.

Intune has increased our IT productivity for patching and security by around 15 percent.

Microsoft Intune helps our organization reduce the risk of security breaches by eight percent by deploying zero-day patches in conjunction with Defender and Sentinel.

Intune has helped us consolidate vendors with the driver deployment and onboarding.

We manage configurations for Microsoft 365, co-managed devices, Azure, Defender security controls, and DLP controls within Intune. This centralized platform allows us to configure roughly 80 percent of these services and controls in a single location.

A valuable feature is user enrollment, where users can enroll their devices in their organizations themselves. This streamlines the process and saves IT time.

Another key benefit is zero-day productivity. During enrollment, the user has access to the applications and settings the organization needs them to have, making them ready to work immediately. Intune essentially pre-configures the device based on the user and organization during enrollment.

Finally, Intune offers easy patch management for various endpoints, including Windows 10, 11, and Macs. Deploying upgrades and monthly patches is significantly simpler compared to other solutions, both from Microsoft and third-party vendors.

The current Intune reporting functionality could benefit from some improvements. Specifically, a report that tracks patch deployment status would be valuable. Ideally, I'd like a report that provides device-level details on applications and controls deployed. However, it seems like other organizations might be more interested in control-centric reports, showing details like what control was deployed, the number of devices affected, and other relevant device data. Overall, reporting is the area where we're encountering the most challenges with Intune.

I've been using Microsoft Intune as a comprehensive solution for the past six years. While I had some experience with it before 2019, it was limited to mobile device management. Since 2019, I've been managing the full Intune suite as an administrator, overseeing Windows endpoints, Mac endpoints, Android and iOS.

I would rate the stability of Microsoft Intune eight out of ten.

Microsoft Intune excels in scalability, earning it a nine out of ten rating. It empowers organizations to migrate to the cloud and manage all their endpoints seamlessly. This includes a wide range of platforms like Windows, macOS, mobile devices, and even Linux. Intune simplifies endpoint management by offering a centralized solution for all these platforms.

The response time and technical knowledge of the support team is not what it used to be.

Neutral

We previously used an on-premises solution, Microsoft Endpoint Manager, to manage our devices. The pandemic necessitated a shift to the cloud.

The initial deployment of Intune can be complex because it is linked to Microsoft Entra, which itself is a complex product. This complexity depends on the desired outcome. Intune's deployment complexity hinges on whether users will enroll their devices themselves or if the IT team will enroll them and grant access. A proper pre-assessment is crucial to determine if Intune's complexity aligns with our desired outcome.

Our deployment took two months to complete because of the internal security approvals we required.

Three administrators were required for the deployment.

The price for Intune is fair.

I would rate Microsoft Intune eight out of ten. There are some improvements concerning the reports and there are other design-related concerns that we are looking at in Intune.

We don't have the tunnel option because we primarily work in a restricted computer environment. Our organization uses Microsoft Intune to manage applications within a dedicated sandbox environment. We perform frequent updates to ensure everything is current.

During the initial onboarding process, we encountered some challenges, and multiple teams were involved in resolving them. For example, users from India might experience issues like broken URLs or restricted access due to their ISPs. Similarly, in China, certain URLs might be blocked by some internet service providers. To address these issues, we initially involved additional administrators from each region on the administrative side. However, we've since transitioned to a centralized management structure with a core team of five to six members overseeing the entire organization.

We maintain a separate development Intune environment for User Acceptance Testing specific to the Asia Pacific region. Since our production environment is also located in Asia Pacific, we essentially have two Intune instances: one for development and one for production. We also have around 290,000 devices.

We have a team of five Intune administrators. The only maintenance required for Intune is the updates.

I recommend Microsoft Intune.

Based on the number of users and devices you're enrolling, I recommend having separate UAT and production Intune environments for larger deployments. For simpler environments, a single Intune license is sufficient to manage your devices and integrate with your Enterprise and Microsoft 365 solutions.

Public Cloud

Microsoft Azure