Microsoft Intune Reviews

We use it for device compliance and posture, application control, and we use it for integration with our corporate devices.

It brings all of our endpoint and security management tools into one place and makes life a little bit easier. We're a Microsoft partner, and it integrates well and works quite well. We're also a Cisco partner, and it works well with Secure Endpoint and our existing Zscaler product.

Similarly, when it comes to our organization's security, it makes life easy.

Intune also helps reduce the risk of security breaches because we're making sure devices are patched and that firewalls are enabled. And that helps our organization save on costs.

While I don't think you can ever have full visibility and control, Intune certainly allows us to see the applications being used and tells us if things like Windows patches aren't applied to machines. It does a good job. That visibility makes life a little easier.

The user experience with Intune is pretty good, the same as with all Microsoft products, really. Once you're used to one, you can use all of them.

And it's not too bad for securing hybrid work and protecting data on company and BYO devices. As I said, we're using it in conjunction with our Zscaler deployment, so that obviously helps.

Some of the security posture limitations are not brilliant; they're not ideal, but they're not causing us a problem at the moment. It's the granularity: "Is your firewall on? Is BitLocker on?" It's not amazing granularity. But I've looked into other products, like Duo, and they're all similar.

I have been using Intune for four or five years.

We worked with Cisco network monitoring, using Cisco ASA with RSA deployment. It had its issues. It wasn't very user-friendly. If a device wasn't posture-compliant, for example, it wouldn't explain to the user what they needed to do. There was also a bit of limitation with the operation alongside things like antivirus software. It didn't work very well with Sophos and other applications.

Overall, Intune is not bad. It's okay.

We are replacing AirWatch MDM with the product so that we can manage our devices. Eventually, we plan to migrate from SCCM, Windows, and Mac to the Microsoft Intune environment. It will help different departments to manage devices from one place. 

Microsoft Intune helps us lock and open iPads easily. 

The tool's most valuable feature is Autopilot. 

I have a lot of Apple products in my environment. It would be nice to have an improved integration of Apple products with Microsoft Intune without Jam. 

I have been working with the product for a year. 

Microsoft Intune's stability and uptime are good. 

Microsoft Intune has a lot of documentation. Its support is also good. 

Positive

We used AirWatch before Microsoft Intune. We switched because of cost and customer care issues. We are currently in an SCCM environment. 

The solution's deployment is both complex and intuitive. 

Microsoft Intune's pricing is reasonable. 

We chose the product because it was cost-effective and easy to integrate with our system. 

We are working with a Microsoft partner to improve our environment's security. It helps us condense our profile into one instead of three. 

We expect time and money savings in the long run since it is a cost-effective solution. We are Microsoft partners. It integrates everything into one platform, which helps us save time since we don't have to jump from one platform to another. 

I rate the product a seven. It is a good product with good capabilities. It is a solid solution that is easy to work with. 

We use Intune as an educational platform. My company has about 85 users and 10 admins at one location. 

Intune saves us time and money because we buy less equipment. We can wipe our devices and reuse them on different jobs instead of buying new ones. 

Intune enables us to manage our devices from anywhere. 

Intune has limited integration with non-Microsoft solutions. It isn't suitable for iOS devices—only Windows and Android. I would also like to see improved synchronization and replication with Azure Active Directory in hybrid environments.

I have used Intune for one year. 

Intune is stable.

Intune is scalable.

I rate Microsoft's support an eight out of ten. The recommendations from the community forums are usually enough. I contact Microsoft's support when I have a significant issue. They're helpful and provide the information I need.

Positive

We also do business with Amazon, Google, and other cloud providers. 

Intune was easy to set up. Everything goes quickly once you have all the documentation. It isn't that complicated and took about four or five days in our test environment. We had to synchronize the users with the cloud environment. Once all the identities are replicated in the cloud, we started to duplicate the groups and endpoints. After this was finished, we cut the links to the on-premise installation.

We have seen a return on investment. We pay about $10,000 annually for 85 users. We save a lot on maintenance and monitoring. 

Intune's pricing model is appropriate. 

I rate Microsoft Intune a nine out of ten. 

When we develop, it's used for multiple different solutions. It could be anything, such as a portal, field services, web development, web apps, and lots of other different things.

For me, there are many strong points in the solution. Firstly, the skills are readily available. That's one of the things. There's a lot of Microsoft expertise in the market. 

Also, they've invested a lot in their software and continuously updated it. So I think those are the things that are very important to us.

There is room for improvement in integration and security as well. Those are areas that clients are always concerned about.

So, in future releases of the product, I would like to see better integration as well as enhanced security.

I have been using Microsoft Intune for seven years now. We are dealing with the latest update of Microsoft Intune. We have started working on it, and our developers and other personnel are currently getting certified for it.

It is a stable solution. I would rate the stability an eight out of ten.

I would rate the scalability an eight out of ten.

We have over a thousand endpoints using Microsoft solution.

Customer service and support are helpful and responsive.

Positive

If you've got the right skills, the initial setup is not that difficult. It is very quick to set up. It doesn't take long. 

Some customers have benefited from it.

We work with all Microsoft products,  like .NET, and a lot of development around those areas. 

Another one, Arc Systems, is a current platform that we use.

I would recommend using this solution. Overall, I would rate Microsoft Intune an eight out of ten. If they could make the integration a lot easier, it would be better.

Our use case is relatively typical; we primarily use the product for managing Windows laptops, pushing policies, and some configurations. 

The ability to send configurations to our systems is valuable, particularly as we don't have a regular Windows AD server. Our current environment doesn't have a Windows AD, which limits our ability to push GPOs. However, this is where the solution can step in and help us push policies.

The reporting could be improved, as it's pretty poor compared to other products of this type. 

Patching needs improvement, as it hasn't been working well recently. 

We've been using the solution for over two years. 

The solution is very stable. 

The scalability is there, and it's automatically based on the number of users in the back end, so we don't even need to think about it.

The tech support is excellent, and I give them a nine out of ten.

Positive

At my old organization, we used Microsoft System Center Configuration Manager (SCCM), which is more of an on-prem system. Microsoft seems to have recognized that everyone is moving to the cloud, and I expect they will bring SCCM's capabilities onto Intune as a kind of product upgrade.

SCCM is a more versatile tool than Intune; we can't patch third-party applications in the latter, which is a significant headache.

The deployment was pretty straightforward; the solution came in a prebuilt configuration, and we just needed to enable it in our Azure domain.

As the product is cloud-based, we don't have to do any maintenance as a customer. 

Intune is available as an individual product, but it also comes with Office 365 Premium or an Enterprise license, and the price varies for each version. 

I rate the solution eight out of ten. 

Those considering the solution should look into it because it may already be part of your license or available with a small upgrade. Once upgraded, you have a tool and don't need to bring in another one. The deployment is simple, there is no other third party and no agents to be deployed. You also have a dedicated console that provides visibility and management, which is very easy to handle.

I'm using all the services that Intune provides, including managing Windows 10 devices and mobile devices, with both the mobile application management and without enrolling the devices. I use it for deploying configuration profiles, compliance and app protection policies, as well as onboarding Windows 10 devices to the Defender portal.

I haven't used other mobile device management solutions, but compared to SCCM, we eliminate a lot of on-premises infrastructure and maintenance by using Intune.

For mobile device management, especially for the Windows operating system, it's quite impressive. But it would really be helpful to have the option to manage server operating systems as well, like Windows Server, at least. That way, we could scrap the use of SCCM, which requires a lot of on-premises infrastructure.

Another area for improvement is the reporting structure. For example, currently, when deploying Windows 10 or Windows 11 updates, I don't get any detail or structured reports showing which updates are installed on the devices. It only gives me information on whether the update policy has been successfully deployed on the device or not. That type of installed-updates detail would be helpful.

I've been working with Intune for more than four years. I'm part of a support operations team managing clients' infrastructures on Intune.

The product is very stable. If you have to think about managing devices securely, go with Intune. Although I have not used any other mobile device management solutions, Intune is very reliable and it's hardly out of service at all.

From the start of my career, I have been managing clients in Europe but Microsoft has no boundaries when it comes to using Intune. There are certain services that are restricted to specific regions, but that is not the case with Intune. It can be used in any region and with any number of users. I have managed environments with 5,000 to 10,000 devices enrolled in Intune.

If there is a service outage, that is made very clear on Microsoft's service portal in the admin center. But if an issue comes up where, for example, a policy deployed from Intune has not been received on a device, it is very difficult to evaluate whether the issue is with Intune or the device. In that scenario, Microsoft itself is confused about whether the situation has to be escalated to the desktop support team or the Intune team.

Other than that, everything is good.

Neutral

The initial deployment process is very straightforward. It's software as a service. You just buy the subscription and start using it. It's not the case that there are very complex configurations or prerequisites to start off.

It does not require any maintenance on the customer's side. Microsoft takes care of all the maintenance.

Having devices managed at scale and maintaining security posture are, of course, value-adds, in comparison with the cost our clients pay to purchase the service. It is worth it.

Microsoft offers different licensing structures. It offers standalone licensing for Intune, but Intune is also included in other licenses, such as for Microsoft 365, E3, and E5, Business Premium, and Business Standard.

There are other MDM solutions, like Workspace One from VMware, which has support for server operating systems as well. I've never used it but I did a quick comparison of the supported operating systems.

Essentially, we use it to manage devices. We are looking at potentially moving away from VMware and bringing mobile devices and tablets into Intune along with desktops and laptops, which we currently manage, so that it serves as an all-in-one active asset list where we can look at the health of the entire technical estate. We can manage against threats. We can roll out apps, policies, et cetera. We can also manage logins, reset logins, et cetera, and it's an all-in-one, 24/7 solution.

Microsoft Intune has absolutely improved the way our organization functions. We're currently going through the AAD migration, so we are transitioning away from the old on-premise domain to Azure. The ability to take devices that were locally managed via AD but weren't managed via Intune is brilliant. We can see who last logged in, who it's managed by, which OS is there when it was last updated, etc. It gives us a micro overview of what's happening there.

Generally, we find it quite useful. We don't use it to the full extent. We've only got a P1 license, but generally, the application health and the ability to create and manage policies are valuable. We can split them very quickly into groups, multiple policies, etc. So, it's those core basics that we use, but they work very well.

It's very informative when there is an error. It allows us to backtrace where the error is and resolve that ourselves. It's a bit of a Swiss Army penknife. We find that it fixes most issues.

I'd like some more reporting so that I don't have to delve into PowerShell and I can pull more of the local device information such as memory, apps installed, etc. It would be nice to be able to see the apps that are present there but might not be managed. For example, if they installed 7Zip, it could report that back via an installed program or feature to see what was currently installed. Generally, it works, and nobody complains about it.

I've been using this solution for a couple of years.

Sometimes, they can take a little while to come back in showing that they are compliant. Typically, they may show us as not compliant even when we are. Typically, we find that it takes a couple of hours or a couple of days at worst for the machines to show as being compliant for them to settle down, but generally, it does what it says on the tin. We can set the policy, and we can put a machine or put a device into a group. That policy gets defined or pushed out, and it works. We can then move on to the next job. From my perspective, it works well, and that's why I'm just looking forward to using more Azure technologies moving forward.

It's deployed across multiple locations, departments, teams, and endpoints.

I haven't had any experience with them.

At the moment, we're using VMware AirWatch, which isn't my first choice purely because it's a super segmented platform. We are predominantly, about 95%, Microsoft. It feels a bit of an oversight not having a solution on a Microsoft platform where we've got full transparency and can make live changes. Currently, we have to go through our outsourced IT to make the changes and then we have to wait to see those changes rather than me or a colleague being able to make those changes in a live environment, so it would be my personal preference to get that moved over, which we're looking at. 

I wasn't a party to why they used AirWatch. I presume it was bundled in with the Microsoft service partner's offering originally. The IT team here is quite new. I've only been in the post for about a month, and my IT manager has only been in the post for about two months. We're just making sure that everything is easy to use and easy to manage, and it's cost-efficient for the charity moving forward.

Essentially, the way it was set up, it wasn't set up as a hybrid model. At the moment, we have got on-premises, and we have a cloud, but they're not joined. There is no passthrough, which is interesting. A lot of the on-premise has been copied over to the cloud. We are now taking the cloud to default, and the overall plan is to mothball the servers and reuse those as very high-powered desktops wherever possible. I just predominantly use the cloud.

I was not involved in its deployment, but in terms of maintenance, typically, our MSP makes the changes, but I've got GA rights to make anything that is critical. Generally, there are about 20 people at the Microsoft solution partner, and there are four of us on the IT team. There are less than 30 people in total.

I'm not sure. Certainly, it has been at least three years since the software has been rolled out, but it's not particularly well maintained by the solution partner. So, it's hard to measure the ROI. It does have merit, but in our particular sector, it's just overkill. We just need to make small and light changes whilst having effective security. We don't need corporate class, biometric/conditional access level security. Whilst we have multiple offices, they're very small. They're all under 20 users, and there's a lot of work from home. So, as long as we've got encryption, a form of AV, an anti-spam, and good account security, it certainly staves off a lot of the threats.

Personally, I feel that we haven't had the ROI purely because we're paying about £13,000 for under 300 users a year, which is a little bit top-sized. My personal feeling is to make a business case to switch to Microsoft Defender. Obviously, we've got P1 in our business premium licensing, so we've got a very basic protection at the moment that we don't use. We've got a large number of credits, and we could use those credits to switch over for a year to a higher project and see where we go from there.

Generally, it's not too bad. Obviously, a cheaper price would be great. Typically, we are in touch with the partner to provide non-profit discounts wherever possible. Generally, we get favorable discounts, so it's not too bad. Obviously, we're looking at decreasing those wherever we can to bring value back to the public purse because it's all charity based. It's all publicly funded.

Create a test group and create test policies, and then just test, test, and test before anything is rolled. It's the usual IT gambit. Test everything, and then just test it again before you roll it out.

I worked for a couple of MSPs before. I've seen it in very remote areas. I'm very impressed with it. Whilst it seems almost fashionable to criticize Microsoft, Intune is pretty much a well-laid-out product. It does what it says it's going to do. There is a lot of dependence on Microsoft products being pushed to it, and that's probably my only criticism. It would be good if Intune was a bit more open-source, but that would lead to more complications. It's a bit of a complicated beast, but generally, I like it.

I'd rate Microsoft Intune a nine out of ten. I'm happy with it.

We use Intune to manage mobile devices and applications. I'm not solely using Intune for the agents installed on each machine. I use the Microsoft Endpoint Manager solution primarily for device configuration, device compliance, and mobile application management.

I have 80 different clients, and their environments vary. We have people that work in offices across multiple foreign countries and domestically. Most have a strictly cloud-based deployment, but a few have a private cloud that we host ourselves. Some have their own data centers. I've got a couple of clients with hybrid environments. None of them are entirely on-prem. Everybody is using a hybrid cloud or completely on the cloud.

Intune helps us from a compliance standpoint by making it easier for system admins to configure devices and ensure they conform to business policies. It gives us more visibility into where the devices are and their postures.

I try to use conditional access policies for every client I can. It's essential for a zero-trust security posture. Conditional access policies make it possible. This dramatically reduces the risk of unpatched devices connecting to our corporate network.

The conditional access policies, compliance, and updates affect employees positively. Once the value is explained to them, they don't complain much about MFA.

You can use Endpoint Manager to see whether or not a device is compliant and apply conditional access policies in Entra to only allow connections to your environment from compliant devices. That significantly reduces your risk from unpatched software because that device cannot connect to your machine or environment. Using those two features together definitely helps protect us.

It saves some time. Either way, you will have to manage an Active Directory environment, but Intune allows you to manage devices over the internet. You don't need to worry if the machines are connected to a VPN or on-site.

The most valuable feature is probably mobile device management. Small businesses are coming under greater scrutiny and requirements for compliance as time goes on. We don't have to worry about a VPN because we can manage these devices, control company data, and lock users out. If needed, we can remotely wipe devices and switch them. 

It's a big deal to be able to assure an insurance company or auditor that our endpoint devices are effectively managed. Intune is a solid solution if you use Microsoft and Microsoft 365 products.

Intune's third-party patch management could be better. It should be easier for an average system admin to keep non-Microsoft applications updated. 

I have used Intune for about six years now.

Intune is highly stable. 

Intune is highly scalable. Thus far, I haven't had to expand it to a thousand users, but the scalability appears to be readily available.

I rate Microsoft support a nine out of ten. I enjoy working with them, and I'm often surprised at how good they are. 

Positive

I've used Rocky MDM and Google MDM. Microsoft is the primary platform on which we do business. Intune works better with the Windows operating system, desktop applications, and SharePoint. It also reduces vendor complexity. I don't require multiple vendors, which reduces my costs because many features are baked into it. 

I log into fewer systems daily. Microsoft's virtual monopoly on productivity applications in your average small business makes them the right choice in most situations.

Deploying Intune is pretty straightforward. It doesn't matter whether you use autopilot or manual deployment. Each machine is enrolled in Intune automatically if it's connected to Azure AD with the correct user licensing. It's a relatively painless enrollment process.

Intune involves some maintenance, like any solution. You must ensure it's still working correctly and helping you achieve your business goals for compliance and configuration of your endpoints.

Meraki and Google are relatively common in small businesses. Many small businesses use Meraki for wireless and networking solutions, so that is one MDM option. Also, small businesses often start with Google and transfer to Microsoft 365 once they mature. Google is already in the environment. I don't sell anything as an IT guy, so I don't care what solution my clients use. I choose what's best for them in that particular instance.

I have tried Okta, but I haven't used it seriously as an MDM solution. I've only used Okta as an SSO provider. I didn't realize they did MDM solutions. I don't understand the point of Okta. If you have Azure AD and Entra, I can't fathom why you would bother with Okta. It seems redundant to me.

I rate Microsoft Intune a nine out of ten. Don't underestimate the solution, and spend time learning about it. Intune has some powerful capabilities. Often, small businesses acquire systems but never fully utilize them because nobody has the time to dive deeply into them. It's a big solution with a lot of features.