Microsoft’s Endpoint Manager combines Intune and System Center Configuration Manager to cut back the effort and time IT admins must handle desktop and cellular work environments.As companies look to provide workers versatile work areas, whether or not on desktops or cellular gadgets, within the workplace or out within the discipline, IT retailers have needed to scramble over the previous decade to consolidate the administration of {hardware} utilizing a single console.With that IT aim in thoughts, Microsoft in 2011 launched its Intune cloud service to deal with the rising enterprise mobility administration (EMM) wants of companies. Eight years later, in 2019, Microsoft determined to hitch its Intune unified endpoint administration (UEM) platform with its Configuration Manager (ConfigMgr), enabling customers to entry each with only one interface.The mixed merchandise — generally known as Endpoint Manager — make licensing for Intune out there to all ConfigMgr prospects to co-manage Windows gadgets. Between the 2 cloud companies, greater than 200 million gadgets at the moment are being managed, in line with Microsoft.Along with a single administration interface for ConfigMgr and Intune, Endpoint Manager consists of the Device Management Admin Center (DMAC), Windows Autopilot, and Desktop Analytics. Microsoft
Windows Autopilot is designed to make it simple for customers to arrange new gadgets with out IT assist.
The software program provides IT admins on-premises and cloud administration instruments in addition to co-management choices to provision, deploy, handle, and safe endpoints — desktops, cellular gadgets, and purposes— throughout an enterprise.Simply put, Endpoint Manager is designed to make it simpler to handle a wide range of gadgets in a approach that protects company information whereas nonetheless permitting workers to do their jobs utilizing each company and private gadgets. It combines cellular system administration (MDM) capabilities with cellular software administration (MAM) and, whereas clearly tied to the Windows ecosystem and different Microsoft merchandise, it could actually handle {hardware} operating different working programs, together with macOS and iOS and Android.Microsoft additionally envisions Endpoint Manager getting used to handle Cloud PCs as a part of the corporate’s Windows 365 enterprise unveiled in mid-2021.The rebranding Intune as Endpoint Manager initially triggered some confusion due to the instruments’ overlap. However, firms that use Endpoint Manager now perceive the complete suite of capabilities out there to them, stated Dan Wilson, senior director analyst at Gartner. Combining Intune and SCCM/ConfigMgr in some methods was Microsoft’s reply to questions on whether or not conventional PC administration was lastly lifeless. (It’s not.)Traditional administration instruments will proceed to play a job in co-managing PCs that require routine lifecycle duties equivalent to disk imaging and MDM, stated Wilson.“2020 increased and accelerated adoption of co-management and cloud management of endpoints, as well as federation of the Configuration Manager and Intune consoles via tenant attach,” he stated.As a subscription service, Microsoft prices firms on a per consumer/per 30 days foundation. Pricing begins at $10.60 per seat as a part of Microsoft’s Enterprise Mobility Suite, which incorporates the Azure Active Directory, Azure Rights Management Services, and Advanced Threat Analytics.How does Endpoint Manager match into the EMM and UEM market?When Intune arrived, firms had been nonetheless within the throes of determining find out how to handle the sudden onslaught of gadgets accessing company information and networks — fallout from the bring-your-own-device (BYOD) pattern that took off after the discharge of Apple’s iPhone in 2007.Driven by company BYOD applications, {hardware} administration has been shifting away from a Windows-dominant world to 1 that’s more and more various and consists of iOS, Android, and Apple gadgets. As extra employee duties are carried out on cellular gadgets, the momentum behind unified endpoint administration (UEM) grows, since all user-facing gadgets might be managed by way of a single console. Gartner
Gartner’s have a look at the evolution of endpoint administration.
By 2022, Gartner stated, 50% of company-owned Windows 10 PCs shall be managed utilizing EMM software program or UEM instruments. That ought to assist firms enhance operational effectivity. The troublesome half for a lot of shall be selecting whether or not to make use of one thing like Intune or cobble collectively a administration ecosystem constructed on software program from numerous third-party distributors.To achieve success, any complete UEM system, in line with Gartner, must combine with consumer administration instruments and meet the next aims:Provide a single console to configure, handle, and monitor conventional cellular gadgets, PCs, and system administration of IoT belongings.
Unify the appliance of knowledge safety, system configuration, and utilization insurance policies.
Provide a single view of multi-device customers for higher end-user assist and to assemble detailed office analytics.
Act as a coordination level to orchestrate the actions of associated endpoint applied sciences equivalent to identification companies and safety infrastructure.
The massive distinction between MDM and UEM: The latter envisions managing desktop {hardware} as simply as cellular gadgets, and may deal with a number of working programs, each desktop and cellular.The majority of distributors whose software program permits UEM come from the MDM and EMM market, and lots of have been including Windows administration capabilities over the previous couple of years.Many of those have expanded to assist Chrome OS and macOS platforms, positioning them to tackle the administration of a number of kinds of conventional endpoints, alongside the cellular endpoints they handle.Client administration software distributors have typically been a bit slower to construct out extensions to their PC administration instruments to allow them to additionally deal with cellular gadgets and fashionable OSes.“The 2021 UEM market includes more traditional client management vendors who added agentless management of modern PC operating systems and mobile devices,” stated Wilson. “Traditional MDM/EMM vendors are focusing more on device-agnostic secure workspace and security-centric mobile device use cases, rather than continued development of PC management capabilities.”“Operating system diversity is more important as increased adoption of Chrome OS and Linux are driving additional demands for increased support from UEMs,” he stated. “Improved macOS support is also important, as UEM [vendors] work to reduce the functionality gap between themselves and Apple-centric management tools.”In addition to Microsoft, different distributors providing UEM options embody BlackBerry, IBM, Ivanti (which acquired MobileIron final yr), and VMware, in line with Gartner’s 2021 Magic Quadrant report for UEM.What can Endpoint Manager do?Through Endpoint Manager’s console, IT admins can execute a UEM technique the place finish customers might be onboarded via any {hardware} platform, and guidelines might be utilized governing which purposes and what information they will entry. UEM makes use of MDM APIs on cellular platforms to allow identification administration, wi-fi LAN administration, operational analytics, and asset administration. In principle, not less than, UEM permits IT to remotely provision, management, and safe the whole lot from smartphones to tablets, laptops, desktops, and now Internet of Things (IoT) gadgets from a single console.Microsoft
This is how Microsoft describes the connection between Endpoint Manager and Intune.
Some UEM merchandise additionally permit cellular software administration (MAM), letting IT admins management entry to particular enterprise apps — and the content material related to them — with out controlling the complete bodily system.Many of the essential software and system provisioning features required for enterprise laptops and PCs operating Windows can now be performed via that working system’s EMM management consoles, that are enabled by Microsoft’s Intune protocol. That means organizations with more moderen Windows PC deployments can use consolidated administration instruments and unified coverage and configuration platforms by way of UEM.For instance, the software program’s integration with Microsoft’s Azure AD and Azure Information Protection permits admins to categorise (and optionally defend) paperwork and emails by making use of entry guidelines and circumstances. And Intune’s integration with Azure Data Protection lets admins embody watermarks on any pictures taken with a cellular system, whether or not company-issued or used by way of a BYOD company coverage.To make system administration simpler — particularly for Windows-based retailers — Microsoft added native EMM performance to Windows 10 by way of Intune in 2019. In all editions of Windows 10, together with these for desktop, cellular, and Internet of Things (IoT) {hardware}, the consumer supplies a single interface via which Intune can handle any Windows 10 system. (Microsoft has stated the administration instruments that work in Windows 10 may also work within the upcoming Windows 11, although it has provided few particulars.)Intune permits conditional entry, together with denial of entry to gadgets not managed by it or compliant with company IT insurance policies, administration of Office 365 and Office cellular apps, and administration of PCs operating Windows Vista or more moderen Windows releases.An open API additionally permits third-party software program suppliers, equivalent to SAP, to wrap their software entry controls into Intune’s UI.Many of the essential software and system provisioning features required for enterprise laptops and PCs operating Windows 10 and 11 will also be carried out via EMM management consoles. Endpoint Manager works with agent-based SCCM to assist extra superior PC and server administration capabilities.(The major subscription consists of utilization rights to SCCM, which permits organizations to handle PCs and cellular gadgets via the identical administration console — one other advantage of a UEM technique.)Microsoft has introduced a variety of updates to Endpoint Manager in latest months, together with Endpoint Analytics reporting within the admin middle. It supplies insights into system efficiency, serving to IT proactively tackle coverage or {hardware} points that might have an effect on customers earlier than they elevate a assist desk ticket.Microsoft additionally launched Tunnel, a VPN gateway for Intune that permits Android and iOS gadgets to remotely connect with on-premises apps and sources; and in June 2021, assist for Android Enterprise work profiles, which may separate work and private information on corporate-owned gadgets.This article was initially launched in September 2018 and most not too long ago up to date in August 2021.
Copyright © 2021 IDG Communications, Inc.