With all the recent name changes for Microsoft's endpoint management products and add-ons, IT teams need to understand what Microsoft's newest suite, the Intune Suite, has to offer.
- Peter Vanderwald,KPN ICT Consulting
Posted by:May 18, 2023
During Microsoft Ignite 2022, Microsoft announced another revision to its endpoint management offering. Not only did it announce a new name for its endpoint management product, but it also announced a new line of products.
Introduced by MicrosoftMicrosoft IntuneAs a new name for all products related to endpoint management, it means that it is no longerMicrosoft Endpoint Manager.Microsoft also introduced its expanding line of endpoint management-related products, now called the Microsoft Intune Suite, a new set of advanced endpoint management capabilities.
Introduction to the Microsoft Intune Suite
Microsoft Intune as a name is actually not new. Microsoft's cloud-based endpoint management platform has been known as Microsoft Intune since it changed its name to Windows Intune in 2014. The name faded into the background when Microsoft changed its name to the cloud-based endpoint management platform. Endpoint management under the Microsoft Endpoint Manager umbrella.
Through the rebrand, all Microsoft endpoint management platforms and services come under the Microsoft Intune umbrella. It makes more sense and is less of an adjustment to the community, since Microsoft Intune never really died as a name for a cloud-based endpoint management platform.
Another big change is the new Microsoft Intune Suite family of products. Microsoft Intune Suite is a new collection of advanced endpoint management and security tools. These products will help organizations simplify their endpoint management experience, improve their security posture, and create a better environment.user experience.This is achieved by introducing the platform to support remote users, secure access to local resources, advanced device information, controlled local administrator privileges, and more.
Microsoft Intune Suite introduces some new management capabilities that are sure to help organizations take the next step in endpoint management.
Help remote users with Remote Assistance
Remote Help is the first Microsoft Intune Suite platform introduced that allows IT administrators to provide remote assistance to their end users. This is a key factor for remote workers to be as productive as possible, whileEnables IT to remotely troubleshoot user desktopsOr remotely assist users with any technical issues. As a standalone product, it may not yet be in the same space as the competition, but with the announcement of support for Android and Mac devices, that may change in the near future.
Secure remote access to corporate resources with Microsoft Tunnel for Mobile Application Management
Another recently introduced solution is the Microsoft Tunnel for Mobile Application Management (MAM Tunnel). MAM tunnels are lightvirtual private networkAvailable for Android, iOS, and iPadOS devices that provide secure remote access to on-premises corporate resources. Before the release of Intune Suite, Microsoft Tunnel was only available for managed devices, but this new version will accept managed apps as sufficient.
This allows organizations more flexibility in the devices available to users. It allows IT to provide this lightweight VPN to individual devices without having to manage the entire device. Application management alone is now sufficient to provide secure remote access to local corporate resources.
Gain more insights with Advanced Endpoint Analytics
Endpoint Analytics is an existing feature of Microsoft Intune thatProvides organizations with information and metrics about their devices.This information helps create the best possible user experience.
Microsoft offers Advanced Endpoint Analytics as part of the Microsoft Intune Suite. The goal of Advanced Endpoint Analytics is to gain a deeper understanding of user experience. It allows IT to proactively identify and resolve issues that could impact user productivity. Initially, this is achieved by enabling features that provide such details, enabling proactive problem detection and improved troubleshooting capabilities.
Secure Dedicated Devices with Dedicated Device Management
For dedicated devices, Microsoft Intune Suite enhances management with dedicated device management.specially designed equipmentis its collective nameComputer room equipment and other equipment, VR headsets, wearable devices, and more.
With Microsoft Intune Suite, IT can now also rely on dedicated device management capabilities for a zero-trust security model. These capabilities enable IT to provide purpose-built equipment,Certificate Management and Wi-FiOn specific devices, strengthen security with conditional access on specific devices, verify compliance on specific devices, manage application lifecycle on specific devices, and provide remote operations on specific devices.
Provide elevated privileges with Endpoint Privilege Management
Endpoint Privilege Management (EPM) is probably the most important platform available for the Intune suite. EPM allows organizations to rely on the principle of least privilege in a zero trust model. EPM provides controlled elevation of standard users on Windows devices.
This allows IT to grant standard permissions to users without compromising user productivity. IT can configure provisioning and elevation rules for users, who can perform desired installations or procedures with elevated privileges. You no longer need to grant these users additional local administrative rights. This means a smaller attack surface, introducing minimal privileges for users on their corporate devices.
What's next for the Microsoft Intune suite?
With the Microsoft Intune suite, Microsoft has introduced several new utilities and has announced new features and entirely new elements across the product line. This is great news, as these additions will add even more value to the Microsoft Intune suite. The first add-on announced by Microsoft is Advanced Application Management. Advanced application management will provide organizations with an enterprise application catalog and controls to facilitate application discovery, deployment and automatic updates. This will help organizations mitigate the risks associated with outdated applications.
Another thing Microsoft is announcing later this year is certificate management in the cloud. Cloud certificate management will provide the ability to issue and manage device certificates without the need for on-premises infrastructure. For example, this might work for certificates availableConnect via VPN or Wi-Fi.This may benefit many organizations that still rely on this local certificate infrastructure to deliver certificates to end-user devices.
There are some promising additions to the Microsoft Intune suite later this year that will significantly improve the security posture of many organizations, and there are likely to be many more developments in the near future.
Overview of Microsoft Intune's new licensing model
With new names and new suitesnewLicense model. The good news is that all existing features will still be available at the same price as before, just under new names. This option is represented by Microsoft Intune Plan 1.
Additionally, Microsoft has introduced Microsoft Intune Plan 2 and Microsoft Intune Suite. The first will cover new features and the second will include new solutions. A brief overview of these new licensing programs can be found in the table below.
|Microsoft Intune Plan 1||Microsoft Intune Plan 2||Microsoft Intune package|
|This plan includes all existing Microsoft Intune features and is included in the Enterprise Mobility + Security E3/E5, Microsoft 365 E3/E5, Microsoft 365 F1/F3, and Business Premium plans.||This plan complements Plan 1 and includes Tunnel mobile app management capabilities, advanced device management, and future premium features.||This plan complements Plan 1 and includes all the features of Plan 2 and includes additional features such as Remote Assistance, Endpoint Rights Management, Advanced Endpoint Scanning, Advanced Application Management, Cloud Credentials Management, and future advanced administrative controls.|
Different add-ons can also be licensed separately if an organization does not require the full Microsoft Intune suite.
Study Windows operating systems and administration
- Microsoft IntunePor：Peter van der Woude
- Top 4 Unified Endpoint Management Software Vendors for 2023 By BrienPosey
- How to Remotely Delete Office 365 on Your Smartphone By MichaelGoad
- Complete the Migration to Windows 11 Using Microsoft Intune by BrienPosey