Right now, we’re taking a big step in finishing the supply of performance we promised after we first unveiled the imaginative and prescient for the Microsoft Intune Suite.1 We’re launching three new options: Microsoft Intune Enterprise Utility Administration, Microsoft Intune Superior Analytics, and Microsoft Cloud PKI. With these additions, the Intune Suite now goes past unified endpoint administration to convey you a complete assortment of superior cross-platform capabilities throughout three core areas: streamlined software safety, safe entry to on-premises and personal cloud sources, and improved troubleshooting and assist. Whereas we’ll proceed so as to add extra performance over time, right now’s launch marks “the top of the start,” as the primary parts of the Intune Suite are typically out there this month. As such, let’s take the chance to recap the rules behind the worth and performance of the Intune Suite.
Microsoft Intune
Improve safety and IT effectivity with the Microsoft Intune Suite.
The broad worth of the Intune Suite
Whereas the options of the Intune Suite launched at totally different deadlines, three elementary rules have been there from the start.
First, one place for workloads adjoining to Unified Endpoint Administration. In the event you’re presently utilizing a mixture of third-party options, the built-in expertise in Microsoft Intune supplies safety and effectivity on a number of ranges. First, one unified resolution means fewer integrations to handle throughout third events, that means fewer assault vectors for malicious actors. And second, on a deeper degree, the broader Intune proposition (each Intune Suite and Intune) is built-in with Microsoft 365 and Microsoft Safety options. This supplies a consolidated and seamless expertise for IT professionals with a single pane of glass for end-to-end endpoint administration.
Second, all components of the Intune Suite are able to assist your cloud and AI-enabled future. Intune Suite will assist speed up organizations’ digital transformation to cloud native and simplify their IT operations. Moreover, information from Intune Suite are consolidated with different Intune and safety information, that means full visibility throughout the machine property, informing and enhancing rising applied sciences like Microsoft Copilot for Safety. The extra interrelated information that Copilot can use, the extra it might probably proactively advise on the following finest motion.
Lastly, Intune Suite is accessible in a single unified plan. So, slightly than having separate options for distant help, privilege administration, analytics, and extra, these superior options can all be consolidated and simplified into one. This supplies worth in two methods: straight, by decreasing the general licensing value, as the price of Intune Suite is lower than buying separate options; and the financial worth of the Intune Suite can also be in oblique financial savings: no have to handle separate distributors, practice IT admins on separate instruments, or keep pricey on-premises public key infrastructure (PKI). The Intune Suite makes it simpler for IT admins, decreasing overhead prices.
“With what we get out of Intune Suite, we are able to remove different merchandise that our prospects want. It’s now a set of many parts that allow prospects who wish to consolidate options and get monetary savings.”
—Mattias Melkersen Kalvåg, Mobility and Home windows Administration Marketing consultant at MINDCORE, and| Microsoft Licensed Skilled & MVP
From right now: A complete suite throughout functions, entry wants, and assist
Let’s get into specifics. For software safety, Enterprise App Administration helps you discover, deploy, and replace your enterprise apps. And Endpoint Privilege Administration allows you to handle elevation guidelines on a per-app foundation in order that even customary customers can run authorized privileged apps. Cloud PKI allows you to handle certificates from the cloud in lieu of advanced, on-premises PKI infrastructure. And Microsoft Tunnel for Cell Utility Administration (MAM) is ideal for unenrolled, private cell gadgets, to assist dealer safe entry to line of enterprise apps. Superior Analytics offers you data-rich insights throughout your endpoints. And Distant Assist allows you to view and management your PCs, Mac computer systems, and specialised cell gadgets, proper from the Intune admin middle. Allow us to take every of these three product areas in flip.
Improve endpoint safety with Enterprise App Administration and Endpoint Privilege Administration
Enterprise App Administration offers you a brand new app catalog, permitting you to simply distribute managed apps, but additionally preserve them patched and all the time updated. With this preliminary launch, it is possible for you to to find and deploy extremely fashionable, pre-packaged apps, so that you now not have to scour the Web to seek out their set up information, repackage, and add them into Intune. Merely add and deploy the apps straight from their app publishers. You may as well permit the apps you belief to self-update, and when a brand new replace is accessible, it is only one click on to replace all of your gadgets with that app put in. We’ll constantly broaden and enrich the app catalog performance in future releases to additional advance your endpoint safety posture and simplify operations.
“I’m very enthusiastic about Enterprise App Administration because it’s powered by a robust app catalog and natively built-in in Intune. This single pane of glass expertise is what we’re all on the lookout for.”
—Niklas Tinner, Microsoft MVP and Senior Endpoint Engineer at baseVISION AG
For extra management over your apps, with Endpoint Privilege Administration, you possibly can scope short-term privilege elevation, based mostly on authorized apps and processes. Then, as a person in scope for this coverage, you possibly can elevate solely the processes and apps which have been authorized. For instance, customers can solely run a single app for a brief time period as an administrator. In contrast to different approaches that give native admin permissions or just about limitless scope, you possibly can selectively permit a person to raise in a one-off situation by requesting Intune admin approval, with out you needing to outline the coverage forward of time.
“Endpoint Privilege Administration presents tight integration into the working system. And the main target that Microsoft has over solely elevating particular actions and apps versus making you an admin for a time period—that is safety at its finest, going for the least privileged entry.”
—Michael Mardahl, Cloud Architect at Apento
Cloud PKI and Microsoft Tunnel for MAM powers safe entry
Enhancements to Microsoft Entra certificate-based authentication
With Cloud PKI, offering each root and issuing Certificates Authorities (CA) within the cloud, you possibly can merely arrange a PKI in minutes, handle the certificates lifecycle, cut back the necessity for intensive technical experience and instruments, and reduce the trouble and price of sustaining on-premises infrastructure. As well as, assist for Convey-Your-Personal CA is accessible, permitting you to anchor Intune’s Issuing CA to your individual non-public CA. Certificates may be deployed routinely to Intune-managed gadgets for eventualities similar to authentication to Wi-Fi, VPN, and extra; a contemporary PKI administration possibility that works nicely to safe entry with Microsoft Entra certificate-based authentication. Within the preliminary launch, Cloud PKI may also work together with your present Lively Listing Certificates Providers for SSL and TLS certificates, however you don’t want to deploy certificates revocation lists, Intune certificates connectors, Community System Enrollment Service (NDES) servers, or any reverse proxy infrastructure. You’ll be able to difficulty, renew, or revoke certificates straight from the Intune admin middle routinely or manually.
Microsoft Tunnel for MAM helps safe cell entry to your non-public sources. Microsoft Tunnel for MAM works equally to Microsoft Tunnel for managed gadgets; nevertheless, with this superior resolution, Microsoft Tunnel for MAM works with user-owned (non-enrolled) iOS and Android gadgets. Microsoft Tunnel for MAM supplies safe VPN entry on the app degree, for simply the apps and browser (together with Microsoft Edge) your IT admin explicitly authorizes. So, for personally owned gadgets, the person can entry authorized apps, with out your organization’s information transferring onto the person’s private machine. App safety insurance policies defend the info throughout the apps, stopping unauthorized information leakage to different apps or cloud storage places.
“Cloud PKI throughout the Intune Suite means that you can go cloud native when it comes to certificates deployment, which suggests you possibly can provision PKIs with just some clicks—that’s a blessing for all of the IT directors. With this built-in service, Microsoft hosts every part so that you can handle certificates.”
—Niklas Tinner
Resolve assist points faster with Superior Analytics and Distant Assist
Superior Analytics in Intune is a strong set of instruments for actionable reporting and AI-driven analytics. It supplies deep, close to real-time insights into your related gadgets and managed apps that assist you to perceive, anticipate, and proactively enhance the person expertise. We proceed to infuse AI and machine studying into our analytics merchandise. For instance, you will get forward of battery degradation in your machine fleet by our superior statistical evaluation and use that data to prioritize {hardware} updates. Intune Suite now contains real-time machine querying on-demand utilizing Kusto Question Language for particular person gadgets, helpful for troubleshooting and resolving assist calls faster.
With Distant Assist, you may also streamline the best way you remotely view and work together together with your managed gadgets, for each user-requested or unattended periods. As a assist desk technician, you possibly can securely hook up with each enrolled and unenrolled gadgets. Customers even have peace of thoughts in having the ability to validate the technician’s id, to keep away from assist desk spoofing makes an attempt. Proper now, Distant Assist works for distant viewing and controlling in Home windows PCs and Android devoted Enterprise gadgets, and helps distant viewing for macOS. Particularly helpful for frontline staff, Distant Assist for Android permits assist desk directors to configure and troubleshoot unattended gadgets, that means points may be revolved off-shift.
“Distant Assist takes away the requirement and the necessity for third-party distant assist instruments. Distant Assistance is native, it’s interactive, and also you don’t have to fret about putting in something, it’s already there. It’s a part of Intune, it’s a part of the construct.”
—Matthew Czarnoch, Cloud and Infrastructure Operations Supervisor at RLS (Registration and Licensing Providers)
To see many of those new capabilities in motion, we invite you to look at this new Microsoft Mechanics video.
Analyst recognition for Microsoft
With the additions to the Intune Suite now out there, IT can energy a safer and productive future at an necessary time as AI comes on-line. Notably, analyst recognition is validating the significance of its worth. For instance, Microsoft once more assumes the strongest management place within the Omdia Universe: Digital Workspace Administration and Unified Endpoint Administration Platforms 2024. Omdia wrote: “Microsoft is concentrated on decreasing administration prices by using the Microsoft Intune Suite and integrating totally different options with it.” They added: “The corporate plans to put money into Endpoint Analytics and Safety Copilot to introduce data-driven administration, serving to IT professionals shift from reactive, repetitive duties to strategic ones by using Endpoint Analytics and automation.” Omdia’s recognition follows that from others like Forrester, who named Microsoft as a Chief in The Forrester Wave™ for Unified Endpoint Administration, Q4 2023.
Get began with consolidated endpoint administration options with the Microsoft Intune Suite
The February 2024 launch of the options within the Intune Suite marks a key milestone, providing a consolidated, complete resolution set collectively in a cheap bundle (and out there as particular person add-on options) for any plan that features Intune. And in April 2024, they may also be out there to organizations and businesses of the USA authorities neighborhood cloud. We stay up for listening to your reactions to the brand new Intune Suite.
To be taught extra about Microsoft Safety options, go to our web site. Bookmark the Safety weblog to maintain up with our professional protection on safety issues. Additionally, observe us on LinkedIn (Microsoft Safety) and X (@MSFTSecurity) for the most recent information and updates on cybersecurity.
1Ease the burden of managing and defending endpoints with Microsoft superior options, Dilip Radhakrishnan and Gideon Bibliowicz. April 5, 2022.
The Forrester Wave™ is copyrighted by Forrester Analysis, Inc. Forrester and Forrester Wave™ are emblems of Forrester Analysis, Inc. The Forrester Wave™ is a graphical illustration of Forrester’s name on a market and is plotted utilizing an in depth spreadsheet with uncovered scores, weightings, and feedback. Forrester doesn’t endorse any vendor, product, or service depicted within the Forrester Wave™. Data is predicated on finest out there sources. Opinions mirror judgment on the time and are topic to vary.
The Forrester Wave™: Unified Endpoint Administration, Q4 2023, Andrew Hewitt, Glen O’Donnell, Angela Lozada, Rachel Birrell. November 19, 2023.