Microsoft Intune Reviews

We use it to a small extent for approximately 1,100 devices. The biggest portion of it is used in the Aviation department, which is one of our departments. They have invested heavily in some customized software that they've developed in-house. It is put on the devices, and the devices are primarily used by field staff. It's basically a mixture of work order assignment and work order management, as well as record keeping. For example, I could have a technician who is assigned to go and do a preventive maintenance inspection on an HVAC component in one of the terminals. That request or work order is submitted to his device. When he gets there, he scans barcodes for the room he is in and for the piece of equipment that he is working on. So, they track their actual work order, work order status, workloads, and equipment life cycle, and that's all done through Intune.

It helps us in securing devices. It has eliminated a lot of paperwork. It has simplified record-keeping and maintenance of equipment, life cycle management, staff workload, work hours, et cetera. That's the biggest impact on us, and that's also where most of the devices are used.

Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly.

It doesn't economize when you scale up. We have over 14,000 employees, and we have between 7,500 and 8,000 city-owned or personal devices being used to conduct city business. Its price can be improved. It is not a cheap solution.

It has been years since it was implemented.

Its stability has been fine. We've had no issues at all.

I don't see any issues with it. We currently have only about 1,100 users and licenses for the Intune product. The largest portion or over 50% of usage is by our Aviation department for tracking and managing their work order, workload,  equipment life cycle, etc. Other users are scattered in small numbers throughout a number of departments. 

Our Parts department also uses it. One thing that's a little bit unique is that they also have these assigned to temporary workers. So, we provide the licenses for a number of temporary workers for the summer or for the winter, and then we take them back and reassign them to somebody else. 

The other departments mostly use it for educational or small use cases where they think this will be a good fit, and it is the product that is available to them. I've heard nothing bad about it, and I have no problem at all with Intune.

In terms of future growth, we're currently looking at another product, but that doesn't mean we're going to go with that other product. We're working with a vendor on another solution, and that vendor also has a mobile device management product, but we're not yet ready to go there.

I've no direct input on it. Right now, we're on unified support, but we've always had their premier support. If we ever have a problem with any of our Microsoft products, including Intune, we do have a way to reach out and get additional assistance.

I'm not aware of any other solution being used. I know there were one or possibly two failed mobile device management project implementations. I was not a member of the department then, so I don't know the details. I only know that both of the deployments failed. In other words, either the vendor promises were not met, or we found a function that was supposed to exist but did not exist. 

It was pretty straightforward. It was not a very long, complex, and involved process. It was fairly easy to set up.

It was done in-house. For its maintenance, we have no one dedicated to it. Our client computing side takes care of that.

I've never tried to quantify an ROI for the program. We have just a small number of devices. At some point, we will look at implementing large-scale mobile device management, and that'll be a different case where we may look at Intune, Workspace ONE, or another product.

It is not a cheap solution. The price for a device when you start using it at a large scale can be improved.

It is covered under our enterprise agreement. We pay once a year. I am not aware of any additional costs.

It meets the basic security needs and management needs for most organizations. It allows you to monitor the security of devices and manage those devices if they're organization-owned. It is fairly easy and straightforward to manage. It is not difficult. Some of the other solutions are a little bit more difficult.

I would rate it an eight out of 10. It meets all the basic needs that most organizations will have for device management and device security. I am not sure if it can provide the required level of security for different business scenarios that require additional security, which means you'd have to run two systems in tandem.

We primarily use the solution for device management. 

There are a lot of use cases, however, the base is the mobile security for our corporate devices and deployment of applications. We are a worldwide organization and in many countries. There are also country-based use cases, or areas that incorporate these use cases for some specific business units such as healthcare and similar SAP solutions. We have a lot of small areas where we use this, however, the main driver is improving the security of the devices and providing some automation configuration for the users including VPN solutions and corporate WiFi connections, applications, et cetera.

If I compared this product to XenMobile, except the conditional access, which was also partially possible to integrate with Citrix XenMobile, then there is not much difference between the two. The functionality s very good. However, the main way this has improved our organization is that there is support for conditional access and native integration with Office 365 services which we migrated to. 

The integration with conditional access is great. That's maybe the most important aspect of the solution.

The pricing is very good.

We already use a lot of Microsoft products in our company, and therefore, it made sense to also use this product.

For the most part, the solution is stable.

As a cloud solution, the scalability on offer is great.

There are a lot of small use cases where we realized that some technical solution was missing in Microsoft in comparison to other products. For example, it lacks something similar to sensing or location-based rules and configurations.

We would like, for example, integrated remote control or a remote session tool or something like this. You must have TeamViewer and the integration with this is limited and it's extra money. Nothing is built-in. Some functionalities are really limited to fully managed devices and so on. It took a long time for them to integrate the big ECS infrastructure into the corporate devices. This is now done, however, it took a longer time than expected.

Technical support could be h=better.

We've used the solution for the last three years, starting with the integration. 

The solution is pretty stable. As it is in the cloud, there are not many issues in terms of a service outage or things like this. Maybe when there are new patches integrated every month, which sometimes happens, some functionality may be influenced or affected. It's more or less a small issue, however, issues are possible. I don't recall a situation where downtime happened or users were really affected, however. It's just an occasional issue we may have with a patch that we would need to address.

The solution is quite scalable. As a cloud product, there are no issues surrounding expanding if you need to. 

We have maybe 27,000 people using the solution at this time. There is a plan to have all mobile users in this solution, so we are talking about 70,000 users at some point. However, it's a question also of the licenses, as you have to have a license for that product.

Technical support is hit and miss. Sometimes it's really good and other times it's not so great.

We used Citrix Endpoint Management in the past. We used it about two years ago. It was a good product. They are comparable, really, Citrix and Microsoft. 

I was not involved from the beginning of the project. However, from what I remember, we did the implementation directly with the help of a support engineer from Microsoft. Their involvement ensured the setup was not such a big deal.

Deployment took maybe one year in our environment, however, this was because we had a lot of time to tune it up and to test it, to have a pilot for a few months and then add more people to the pilot before we started migrations for mobile, for example. We took our time to really prepare the product as best as possible and then deployed it to the users and migrated them over.

We have two levels of people at a global level that handle deployment and maintenance. They mostly focus on improving the environment, not troubleshooting WiFi issues. 

We had direct assistance from Microsoft. Their assistance made the process seamless and it was a positive experience.

The solution offers reasonable pricing.

It's my understanding that we have the licensing set up for monthly payments, however, it's not an aspect of the solution I'm directly involved with. I don't know enough about it.

That said, I am aware that, in order to have mobile involved, you need the EMS solution or EMS license, and that's an extra cost to the standard Office license.

We're just a customer and an end-user.

As we are on the cloud version of the solution, we are more or less on the latest version of the solution.

The product was chosen for political reasons, as the company is mostly using Microsoft products and also the prices were maybe better than other options. 

I'd recommend the solution to others. If they are already using Microsoft or 365, it's a good product for companies sot have. 

I'd rate the solution at an eight out of ten.

The solution is primarily used to manage iOS, Android, and also Windows 10 or Windows 11. It's to manage end-user devices.

The best thing about Intune for the customers is simply that it's included in the different plans of Microsoft 365. If a customer needs Office or collaboration tools, Intune is included. It's for free. If the company has another MDM, normally they are paying for it. This product is included in the license of Microsoft 365. We find that the customers, in general, want to change the solution, to move from another classical MDM to Intune due to the fact that they save money.

If you need only to load a specific profile and you don't have deep security functionalities, etc, Intune is very nice and good.

The initial setup is very simple.

If you need some restrictions or some integrations or you need integrations with security options, or if your mobile terminals are industry-special or ruggerized, bar code readers, printers attached, this might not be the best option. If your MDM has to be really specific, perhaps Intune is not the better option. You have to consider MobileIron or Workspace ONE or MaaS360 or similar.

They need to integrate more with security options. When the customers want some specific security functionality they begin to think about other platforms. 

The stability is very good. There are no bugs or glitches. It doesn't crash or freeze. It's pretty reliable. 

Scaling is simple. It depends on the licensing. If you have licenses for that, the only thing you have to do is to continue with the enrollment of the terminals. It's very easy. You have to assign the terminals to a group of users with different restrictions or policies and that's it.

With the CSP licenses, we as a cloud service provider, are obliged to provide services. With our service, we provide support to the licenses. When we sell licenses differently, in the LSP scheme, then we have to sell the premium service for the customers.

I don't use it directly. That said, I know the ratings of the services that we provide for our services. The only thing that I should say is that normally when we have an SLA with a customer for Microsoft, there is a specific response time that we can provide as a service provider. They do not consider that. They say, "Our service is this. This is our SLA." Then, our service level agreement is eight hours. 

Sometimes, when you offer a service level agreement with a customer, the support of the manufacturer or of the vendor is included. It's the only thing that, if you are providing services on an end-to-end basis, you have to consider. Sometimes, when you call Premier Support and you say, "Please, I need a solution before six hours," it doesn't matter for them. They say, "I have not six. I have eight, so don't call me if I'm in the eight hours."

It's very simple to set up. To set up the terminals, it's very easy. You have a manual, and it's very easy to follow. You can configure functionalities for specific users or a specific group of users or things like that. It's great.

The time it takes to deploy depends on the number of terminals and it also depends on the number of different groups. Perhaps you have to configure the different policies for different groups. That might take longer than a straightforward setup. In an installation with, for example, 1,000 terminals, it typically takes less than a month -three weeks or so.

I don't personally handle the deployment myself, however. I offer it to clients. I'm not the one to actually do the manual work of implementing it. 

The amount of people we need to deploy a solution depends on the number of terminals that we have to manage.

Some customers configure everything at the beginning and nothing changes over time. That said, we have other customers that they are continuously asking for changes. This group of customers will likely need three people more to handle maintenance. For every 1,000 devices, you typically need one and a half full-time employees.

In terms of ROI, it depends. If you have licenses included in your plan for M365, Microsoft 365, from the very beginning, if you have to sell that, it depends on the business case that you can do. It's different if you buy a CSP or LSP license.

One kind is considered as a cost and another is considered as an investment. The LSP is an investment. 

In the products and services space, from a pay-per-use perspective, I don't see a relationship between this product and ROI. 

There are different kinds of licenses. We sell two licenses from Microsoft, the LSP or the CSP. The service that we have with Microsoft is based on the CSP kind, so the payment is monthly, considered as an expense, not an investment o asset. It depends on if you buy a set of licenses only for Intune - which can be sold separately, or can be included in M365.

We are gold partners with Microsoft.

I would rate the solution at a nine out of ten.

For simple installations, for simple management, perhaps Intune is fine. However, for more complex installations, it might not be enough.

We use Intune to manage mobile devices and applications. I'm not solely using Intune for the agents installed on each machine. I use the Microsoft Endpoint Manager solution primarily for device configuration, device compliance, and mobile application management.

I have 80 different clients, and their environments vary. We have people that work in offices across multiple foreign countries and domestically. Most have a strictly cloud-based deployment, but a few have a private cloud that we host ourselves. Some have their own data centers. I've got a couple of clients with hybrid environments. None of them are entirely on-prem. Everybody is using a hybrid cloud or completely on the cloud.

Intune helps us from a compliance standpoint by making it easier for system admins to configure devices and ensure they conform to business policies. It gives us more visibility into where the devices are and their postures.

I try to use conditional access policies for every client I can. It's essential for a zero-trust security posture. Conditional access policies make it possible. This dramatically reduces the risk of unpatched devices connecting to our corporate network.

The conditional access policies, compliance, and updates affect employees positively. Once the value is explained to them, they don't complain much about MFA.

You can use Endpoint Manager to see whether or not a device is compliant and apply conditional access policies in Entra to only allow connections to your environment from compliant devices. That significantly reduces your risk from unpatched software because that device cannot connect to your machine or environment. Using those two features together definitely helps protect us.

It saves some time. Either way, you will have to manage an Active Directory environment, but Intune allows you to manage devices over the internet. You don't need to worry if the machines are connected to a VPN or on-site.

The most valuable feature is probably mobile device management. Small businesses are coming under greater scrutiny and requirements for compliance as time goes on. We don't have to worry about a VPN because we can manage these devices, control company data, and lock users out. If needed, we can remotely wipe devices and switch them. 

It's a big deal to be able to assure an insurance company or auditor that our endpoint devices are effectively managed. Intune is a solid solution if you use Microsoft and Microsoft 365 products.

Intune's third-party patch management could be better. It should be easier for an average system admin to keep non-Microsoft applications updated. 

I have used Intune for about six years now.

Intune is highly stable. 

Intune is highly scalable. Thus far, I haven't had to expand it to a thousand users, but the scalability appears to be readily available.

I rate Microsoft support a nine out of ten. I enjoy working with them, and I'm often surprised at how good they are. 

Positive

I've used Rocky MDM and Google MDM. Microsoft is the primary platform on which we do business. Intune works better with the Windows operating system, desktop applications, and SharePoint. It also reduces vendor complexity. I don't require multiple vendors, which reduces my costs because many features are baked into it. 

I log into fewer systems daily. Microsoft's virtual monopoly on productivity applications in your average small business makes them the right choice in most situations.

Deploying Intune is pretty straightforward. It doesn't matter whether you use autopilot or manual deployment. Each machine is enrolled in Intune automatically if it's connected to Azure AD with the correct user licensing. It's a relatively painless enrollment process.

Intune involves some maintenance, like any solution. You must ensure it's still working correctly and helping you achieve your business goals for compliance and configuration of your endpoints.

Meraki and Google are relatively common in small businesses. Many small businesses use Meraki for wireless and networking solutions, so that is one MDM option. Also, small businesses often start with Google and transfer to Microsoft 365 once they mature. Google is already in the environment. I don't sell anything as an IT guy, so I don't care what solution my clients use. I choose what's best for them in that particular instance.

I have tried Okta, but I haven't used it seriously as an MDM solution. I've only used Okta as an SSO provider. I didn't realize they did MDM solutions. I don't understand the point of Okta. If you have Azure AD and Entra, I can't fathom why you would bother with Okta. It seems redundant to me.

I rate Microsoft Intune a nine out of ten. Don't underestimate the solution, and spend time learning about it. Intune has some powerful capabilities. Often, small businesses acquire systems but never fully utilize them because nobody has the time to dive deeply into them. It's a big solution with a lot of features. 

We are currently using Intune, and we are also deploying it for customers. We use Intune to manage our mobile devices. We manage our Android and iOS devices with it, and at the same time, we also use Intune to manage our macOS and Windows devices.

During the pandemic, there were devices that we couldn't control. For example, we wanted to manage BYOD and make sure that they are secured so that when they access our corporate resources, our data, computers, users, and mobile devices are protected. We use Intune to publish some of our company applications and at the same time push down our restriction policy and configuration profiles, such as VPN.

We are a vendor, and we deploy the Intune solution. We see that our clients have benefited from this solution. They're able to manage devices that were previously not managed. They are able to secure those devices. It also improves the productivity of the users. They can work from wherever they are and leverage their own devices to access company resources. So, productivity-wise, users are more productive when it comes to Intune.

Based on my experience, I find Intune very flexible for managing Windows devices. We can use scripting, and we can make use of the self-service portal or the company portal to publish some of the applications for Windows.

I'd suggest adding more features for macOS in Intune. There should be more functionality for managing macOS. There should be a better capability for pushing things down on macOS. Currently, Intune is not capable of managing macOS at the same level as Windows.

It has been four years since I've been using Intune.

I'd rate it an eight out of ten in terms of stability because it sometimes breaks. That's mainly because Windows OS keeps on changing because of upgrades and things like that, and there are some instances where it's not supported, or it has not been tested fully on a specific version of OS.

We haven't yet gone down to the scalability part. It meets the needs of our customers. What they have right now in the cloud is sufficient and satisfies the requirements. So, scalability is not a problem.

Some of the deployments are done across sites, so there are multiple sites.

I have interacted with their support. I'd rate them a ten out of ten.

Positive

We have previously used MobileIron and Jamf Pro.

The deployment model for Intune is cloud basically, but for other MDM solutions, it's on-prem because the government and healthcare sectors prefer to use the on-prem solution.

The deployment duration depends on the project timeline and the complexity of the deployment. A fresh Intune deployment is straightforward. We just need to do the configuration and create configuration profiles. For example, for Windows OS, we can enroll 1,000 devices in a month or something like that depending on the availability of the machine. Everything is configured in the backend, so they just need to power on the device, and everything works as expected, and everything is pushed down.

The number of people required depends on how many machines need to be deployed and users' availability. The model that we're having right now is that for a new device, it's straightaway delivered to the user. So, there is no involvement of IT because it's an autopilot deployment. When a user powers on a device, the configuration kicks in. The users just log in using their user accounts, and that's all. So, one IT person is enough to configure the backend.

We implement it in-house. It does require some maintenance, but that's taken care of by another party.

It's affordable. It's cheaper if you have an Office 365, E5, or E3 subscription because everything is there.

I evaluated VMware Workspace ONE, which is similar to Intune. They both can manage multiple OSs. 

While evaluating, I'd advise evaluating each and every feature of Intune and using multiple operating systems, such as Android, iOS, Windows, and macOS. You should see the capabilities of Intune and also check how to integrate Intune with other solutions. For example, for security, there is endpoint protection, etc. You need to check that because one of the requirements is to make sure that the computers and the mobile devices are secure, but Intune cannot secure your device itself. It's just an MDM solution. It only restricts some of the functionality. It cannot do more in terms of security. You need another solution to secure your devices, and you must check that your security solution can be integrated with Intune.

I'd rate Intune an eight out of ten.

Its primary use case is mobile device and workstation management.

It is a platform, so there is not really a version per se.

It allows our clients to have the confidence to centrally manage policies for security. It helps them in securing the organization from a technology aspect.

It is scalable, and it is fairly portable for customers, particularly for those who are already involved in the Microsoft stack.

Its configuration is fairly complicated. You have to do quite a bit of discovery to be able to deploy it for a customer. You have to ask them a lot of questions. So, its initial deployment is the biggest challenge. They should make it easier to deploy with the use of Wizards or something else. During the deployment stage, there could be profiles for the customers who are particularly wanting to use certain feature sets of Intune.

I have been using this solution over the past year and a half.

Its stability is pretty high. Once you get it deployed, it typically works pretty well. You might have the occasional snafu, but overall, it works pretty well.

There are no issues with scalability. It is cloud-based, and we've not seen any issues or limitations regarding scalability.

We have a handful of clients who use Intune. We're seeing more and more adoption. It's not widespread yet, but it's growing. We look for opportunities where this is a good fit for the customer.

We've had organizations as small as 20 to 25 users. We've had organizations with 200 to 300 users. It is used across the board.

We haven't had to use technical support, so it'd be hard to evaluate that.

There are some customers that have switched from other products, and typically, it's because they just couldn't get the other product to work. Miradore is one in particular that many of our customers had, and I like them

Its initial deployment is probably the biggest challenge. It is complex because Intune encompasses so many features and things that you can do with it, and it is so broad in scope. There are a lot of different things you can do with it, and there are a lot of different ways in which you can deploy it, which makes deploying it for a particular customer's environment complicated. It takes some time. I would rate it a three out of five in terms of the ease of setup.

We've had deployments that took weeks. We've had some simpler deployments that took days. So, it varies. The product is so big, and it encompasses so much. So, it depends on what the customer is implementing. One of our most recent customers wanted to use it for a lot of things. So, it was pretty complex. It took us time to get all the devices onboard and registered and so forth.

We might have multiple people working on a deployment, but that doesn't mean it takes that many. Overall, it doesn't take that many people to deploy it, but it typically takes a higher technical level person to deploy. You don't need a bunch of folks, but they have to really know what they're doing.

I don't have any statistics, but from a qualitative assessment, there is absolutely an ROI. Customers on Intune seem to keep it and be happy with it. It does offer significant security advantages for customers. We've seen customers really happy with the product once it is up and deployed.

Microsoft offers some licensing where it's included at no extra cost when customers are already using the licenses. In such a case, it's a really good value. If you have to buy the licensing for it, it's probably on par with other solutions. It isn't substantially more or less expensive. The great thing is that it is included in some of Microsoft's licensed packages. So, some customers don't have to spend additional money for it.

Typically, most providers that support Intune do charge a management fee of some sort or some fee. Certainly, we're no exception.

I would advise making sure that you look for vendors that have a lot of experience in deploying Intune. Make sure that you're working with an experienced vendor with a lot of experience. There is a fair amount of change and improvement in the application. It is constantly being changed and updated, so you really have to get somebody who is familiar with it.

Overall, I would rate it an eight out of 10. The challenges with deployment lower its rating a little bit.

Our main use cases with Microsoft Intune are about how we automate the deployment. Auto-pilot is a feature that we normally recommend. Another piece is about the package deployment, where we recommend, or have helped, customers in deploying and converting their Win32 application. These are the two main areas in terms of automating the enrollment and Win32. Another use case in terms of the Apple, which is being used more by the customers, is where we recommend them to go for the zero touch process by using the AD.

Intune's feature that I have found most valuable is its auto-pilot feature. The main thing is that it keeps building it. Also Intune's capability in terms of Mac, which is slowly increasing, although the customers are moving towards vMOX and leaving the Intune just because of its limited capability with Mac, though it has already been enhanced. More features include the conditional access and the app production policies with respect to BYOR devices. These have been increased a lot in terms of security.

In terms of what can be improved, I am looking for better enhancements regarding Apple management, not only on the mobile device, but also on the laptop.

Other than that, it already has good capability with Windows, and it is already very good for the mobile device. The only area that is missing is for the Mac products.

I am using Microsoft Intune for the last two, three years.

In terms of maintenance, since it is a cloud product, it automatically gets updated by Microsoft. So there is no maintenance required for the upgrade part. But definitely the maintenance part that we track is the software asset management - that the devices are there and that the patches are deployed on a timely basis. We also do maintenance on the dashboard reporting feature in terms of whether the devices are compliant or not compliant.

In terms of performance, devices will be automatically enrolled and all the applications will be deployed. So it will be ready to use once they log in with their Azure-ready credentials. That is zero touch for them. In terms of having integrations in place with other tools, any issues they face will have proactive or automated actions to resolve their issues, instead of raising them and going through the long process of raising a ticket and the resolution.

Scalability is good.

In my experience, the customers who are mostly going for the Intune are small, medium and large companies. We have seen a mix. These days we have seen a large base of customers having more than one device. So it could be suitable for any size company.

Not too much to say on support. It is pretty fast. But in some of the instances we did not get much or a proper resolution where we had to troubleshoot a lot. But in most of the cases, support was good.

Initial setup is a simple process. It is a cloud solution. It is easy to deploy and easy to integrate with other tools as well. If we have to integrate with on-prem or Azure-ready through an AD connector, it is easy. Also, it is capable of integrating with other tools.

In terms of deployment, having things in the VM or physical VM or physical system in place and the ports enabled, as the main infrastructure is all in the cloud, is only part of connecting with the Azure already and the AD connectors, and does not take much time. With full testing, it takes one day if all things are in place.

Their price is really good. That is the reason customers move here, because as part of the Office 365 package, they always get the E365 as well, which makes it easy for them to manage their devices without having additional licenses for Intune.

That is the best part.

The main differences between Intune and other products are, like I mentioned, in terms of the Mac. If the customers are majorly moving and adopting Mac laptops while they are using the Intune, they are leaving for other platforms, like Workspace ONE and vMOX. That is the reason for moving and the major difference I have seen these last couple of months. But at the same time, if there is not much dependency on Mac devices, they are moving from other platforms to Intune, also.

My advice to anyone considering Intune would be to definitely test it and have devices enrolled at least in a pilot phase. They will get feature compatibility, the policies, and the auto-pilot feature. So, I would recommend to do at least a POC, and then decide.

On a scale of one to ten, I can rate Intune an eight.

We are going to use Intune for registration and then we're going to use some kind of condition policies for resource access for unmanaged devices. With on-prem AD-based access, when the users are working from home or somewhere else, they need to connect to the VPN or something to access the corporate network, whereas, with Azure and Intune, we are going to provide the resources for application access. We can directly provide them access by using conditional policies.

It has been only three months since we took the Azure subscription and migrated all the users to it. We are running it in the production environment. We are not running it in the testing environment. We are not implementing everything in one go because if any issues happen, it's not easy to roll everything back in minutes. For this reason, we're implementing them one by one.

With on-premises Active Directory, the main challenge was that we had no control when a user was working from home. We didn't know what exactly a user was doing and whether the AV was up to date or not. Intune provides better control of their machines.

A few of the options are a bit hard to understand. As compared to on-prem services such as AD, it's a bit different. For example, group policy objects have different names. It takes some time to find out where various options are available.

I wanted to check if there is any provision at the Intune level to restrict certain things, such as a website, but unfortunately, that feature is available only in Microsoft Defender. Intune has web filtering capabilities, but they are only useful for protection from malicious websites, whereas we would like to be able to restrict a website. For example, YouTube is a clean website. No one would identify it as a malicious website, but if we want to stop the end-users from going to that website, we have to go for another product, such as Microsoft Defender or another third-party proxy solution. It would be great if this capability is included in Intune.

We started using it three months ago. 

Over the past three months, I haven't seen any instability from the Intune point of view.

We have approximately 220 users. We don't have any immediate plans to increase its usage, but by the middle of next year, we might increase the usage of the product to another 70 or 80 people. We would be able to scale it based on our needs.

I haven't raised any case with Microsoft support, but I believe Microsoft has different types of service agreements based upon which they provide support for different applications. 

I have gone through multiple Microsoft articles, and they have sufficient to-the-point information there. 

We were using on-premises Active Directory, and we were restricting certain things through GPO, but there were a lot of challenges when the users started to work from home. 

Its initial setup is fine. I haven't seen any issues. I have worked as a technical lead at the architect level on different products. For that reason, I haven't had many challenges.

Its implementation was a bit longer because we took our time in testing on multiple machines and multiple users. We wanted to ensure that we are able to achieve what we wanted. We completed all the use case scenarios and what we were expecting from the security point of view.

We implemented it in-house. We had two people for the setup, which included a junior person and me. 

We also take care of its maintenance. We are managing approximately 220 people. I take care of all the cybersecurity and software-related work at the corporate level. Most of the people are now coming to the office. So, we have prepared a simple document for them to follow. 

We don't have just the Intune license. We have the Enterprise Mobility + Security E3 license, but I don't have the exact figures. Someone else was involved in the initial discussions and purchase, and the entire environment was handed over to me.

Any bundle package, such as Security E3, covers multiple things, such as AAP, BitLocker, etc. If you go for them individually, they would be more expensive. Bundling makes the price more attractive and competitive.

It is suitable for small, medium, and large companies, but it also depends on your requirements, budget, and the things you want to restrict. 

I would rate it a nine out of ten.