Introduction to Microsoft Intune
Updated: January 28, 2016
Intune is a cloud-based service that lets you manage mobile devices, PCs, and apps so your users can be productive while you protect your company's information.
Mobile device management (MDM) and Windows PC management are the cornerstone of the modern IT department. Today workers, staff and students are more mobile and engaged than ever. Your success depends upon delivering information where it's needed while ensuring that information is protected. You need to deploy apps, protect devices, ensure updates are in place, and provision email faster than ever while defending company information.
You have several options for using Intune:
A standalone solution for device management. As a cloud-based service, you manage devices and protect company data without the overhead of network infrastructure costs.
Intune can manage iOS, Android, Mac OS X, and Windows Phone devices, as well as Windows RT and Windows 8.1 and Windows 10 devices as mobile devices. If you're looking at Intune for a mobile device management (MDM) solution, review Intune's MDM capabilities and features.
You can install the Intune client software on Windows PCs to enable management. Once a PC is managed you can deploy apps and software updates, manage Endpoint Protection and Windows Firewalls, provide remote assistance, and much more. See a full list of PC management capabilities.
You can also use Intune to deploy and manage apps. App management helps you protect data from being shared outside of your business by restricting actions such as copy, cut, paste, and save-as between Intune-managed apps and personal apps. This data protection is built directly into many Microsoft mobile apps but you can extend data protection to your existing line-of-business apps with the Intune App Wrapping Tool. You can also establish secure content viewing with the Intune Managed Browser. To further protect corporate information, you can selectively wipe managed apps and related data on devices that are unenrolled, no longer compliant, or lost, stolen, or retired from use.
A cloud extension of Microsoft System Center 2012 Configuration Manager. If you already use Configuration Manager to manage on-premises devices and are looking for a way to manage many of today's mobile devices, you can use Intune as an extension of System Center 2012 Configuration Manager. Two key benefits of this option are a unified management experience for both on-premises and mobile device management, and scale. This hybrid implementation of Intune gives you the capacity to manage more than 50,000 devices.
Part of your Microsoft Office 365 subscription. If you have a commercial subscription to Office 365, you can use the Intune mobile device management capabilities built into Office 365. While this option is not as extensive as Intune standalone or Intune and Configuration Manager, you can still manage iOS, Android, and Windows Phone devices, create security policies, limit access to Office 365 email and documents on managed devices, and use selective wipe to remove Office 365 from managed devices.
Part of the Microsoft Enterprise Mobility Suite. Mobility is here to stay, and so is the cloud. Intune is a core component of the Microsoft Enterprise Mobility Suite (EMS), a set of cloud-based services that provide threat detection, identity management on top of the data protection and device management that Intune standalone delivers.
Although Intune is a service, and thus relieves you of many infrastructure costs, you may still have some network setup requirements. For example, your firewall might, by default, block some of the network ports required by Intune. Additionally, if you want to synchronize data from Exchange Server, there are also certain firewall exceptions you might have to make.
Other preparations to make as you get ready to deploy Intune include:
setting up a company portal so users can enroll their mobile devices to be managed by Intune
understanding expected bandwidth usage
deciding whether to use the default onmicrosoft.com domain name or a domain name you own