As companies seek to provide employees with a flexible workspace, whether on desktop or mobile devices, in the office or on the go, IT shops can use a single console to integrate hardware management. I had to scramble for the last 10 years.
With that IT goal in mind, Microsoft announced in 2011 Intune cloud service To meet the new enterprise mobility management (EMM) needs of the enterprise. Eight years later in 2019, Microsoft has decided to join The Intune Unified Endpoint Management (UEM) platform and Configuration Manager (ConfigMgr) allow users to access both in one interface.
An integrated product (called Endpoint Manager) makes Intune licenses available to all ConfigMgr customers to co-manage Windows devices. According to Microsoft, more than 200 million devices are currently managed between the two cloud services.
In addition to the single management interface of ConfigMgr and Intune, Endpoint Manager Device Management Management Center (DMAC), Windows Autopilot, and Desktop Analysis.
The software provides IT administrators with on-premises and cloud management tools and co-management options for provisioning, deploying, managing, and protecting enterprise-wide endpoints (desktops, mobile devices, and applications).
Simply put, Endpoint Manager is designed to easily manage a variety of devices so that employees can work with both corporate and personal devices while protecting corporate data. .. It combines mobile device management (MDM) capabilities with mobile application management (MAM), apparently associated with the Windows ecosystem and other Microsoft products, but runs other operating systems such as macOS, iOS, and Android. You can manage your hardware.
Microsoft also expects Endpoint Manager to be used to manage cloud PCs as part of the company. Windows365 Venture It was announced in the middle of 2021.
Rebranding Intune as Endpoint Manager was initially confusing due to duplicate tools. However, companies using Endpoint Manager understand all the features available, said Dan Wilson, senior director and analyst at Gartner.
Combining Intune with SCCM / ConfigMgr in several ways was Microsoft’s answer to the question of whether traditional PC management was finally dead. (it’s not.)
According to Wilson, traditional management tools will continue to play a role in co-management of PCs that require routine life cycle tasks such as disk imaging and MDM.
“In 2020, the adoption of co-management and cloud management of endpoints has increased and accelerated, and the federation of the Configuration Manager console and Intune console over tenant connectivity has also increased,” he said.
NS Subscription service, Microsoft bills the enterprise on a per-user / monthly basis.Prices start at $ 10.60 per sheet as part of Microsoft Enterprise Mobility Suite, Azure Active Directory, Azure Rights Management Services, and Advanced threat analysis..
How does Endpoint Manager fit into the EMM and UEM markets?
When Intune came out, companies were still looking for ways to manage sudden onslaught of devices accessing their data and networks. This is a dropout from the BYOD (Bring-Your-Own-Device) trend that began after the release of Apple’s iPhone. In 2007.
Driven by the company’s BYOD program, hardware management Transition from a Windows-dominated world Increasingly diversified, including iOS, Android, and Apple devices.The momentum behind as more worker tasks are performed on mobile devices Unified Endpoint Management (UEM) It grows because you can manage all user devices with a single console.
By 2022, 50% of company-owned Windows 10 PCs will be managed using EMM software or UEM, according to Gartner. tool. This should help businesses increase operational efficiency. The challenge for many is the choice between using something like Intune or cobblestone with it. A management ecosystem built on software from many third-party vendors..
According to Gartner, success requires integrating a comprehensive UEM system with client management tools to achieve the following goals:
- It provides a single console for configuring, managing, and monitoring device management for traditional mobile devices, PCs, and IoT assets.
- Integrate data protection, device configuration, and usage policy applications.
- Provides a single view of multi-device users to improve end-user support and collect detailed workplace analysis.
- It acts as a coordinating point for coordinating the activity of related endpoint technologies such as identity services and security infrastructure.
The big difference between MDM and UEM: The latter envisions managing desktop hardware as easily as mobile devices and can handle multiple operating systems, both desktop and mobile.
The majority of vendors that provide software that allows UEM come from the MDM and EMM markets, and many vendors have added Windows management capabilities over the last two years.
Many of these have been extended to support Chrome OS and macOS platforms and are deployed to take on the management of multiple types of traditional endpoints, in addition to the mobile endpoints they manage.
Client management tool vendors generally take a little longer to build extensions for PC management tools and are able to handle mobile devices and modern OSs as well.
“The 2021 UEM market includes more traditional client management vendors that have added agentless management for the latest PC operating systems and mobile devices,” Wilson said. “Traditional MDM / EMM vendors are focusing on device-independent, secure workspaces and security-centric mobile device use cases, rather than ongoing development of PC management capabilities.”
“Operating system diversity is even more important, as the increasing adoption of Chrome OS and Linux has increased additional demands for increased support from UEM,” he said. “As UEM, improving macOS support is also important. [vendors] We strive to reduce the functional gap between our company and Apple-centric management tools. “
In addition to Microsoft, other vendors offering UEM solutions include BlackBerry, IBM, Ivanti (which acquired MobileIron last year), and VMware. Gartner’s 2021 Magic Quadrant Report For UEM.
What can you do with Endpoint Manager?
Through the Endpoint Manager console, IT managers can implement UEM strategies that allow end users to onboard over any hardware platform and apply rules to manage accessible applications and data. UEM uses the MDM API on mobile platforms to enable identity management, wifi management, operational analysis, and asset management. In theory, at least with UEM, IT departments can remotely provision, control, and protect everything from smartphones to tablets, laptops, and desktops. Internet of Things (IoT) devices From a single console.
Mobile application management (MAM) is also possible for some UEM products, allowing IT administrators to control access to specific business apps (and their associated content) without controlling the entire physical device. I can do it.
Many of the basic application and system provisioning features required for business laptops and PCs running Windows can now be performed through the EMM control console of the operating system enabled by Microsoft’s Intune protocol. I did. This means that organizations deploying Windows PCs these days can use unified management tools and integration policies and configuration platforms through UEM.
For example, software and Microsoft’s Azure AD and Azure Information Protection Allows administrators to classify (and optionally protect) documents and emails by applying access rules and conditions. In addition, the integration of Intune and Azure Data Protection allows administrators to include watermarks on all images taken on mobile devices, whether issued by the company or used through BYOD corporate policies. I can.
To facilitate device management — especially for Windows-based shops — Microsoft Added native EMM functionality To Windows 10 Via Intune in 2019.
In all editions of Windows 10, including desktop, mobile, and Internet of Things (IoT) hardware, the client provides a single interface that allows Intune to manage any Windows 10 device. (Microsoft states that management tools that work on Windows 10 provide few details, but will work on future Windows 11 as well.)
Intune denies access to unmanaged or non-compliance with corporate IT policies, manages Office 365 and Office mobile apps, manages PCs running Windows Vista and later releases, and more. Allows conditional access.
The open API also allows third-party software providers such as SAP to wrap application access control in the Intune UI.
Many of the basic application and system provisioning features required for business laptops and PCs running Windows 10 and 11 can also be performed through the EMM Control Console. Endpoint Manager works with agent-based SCCM to support more advanced PC and server management capabilities.
(The primary subscription includes the right to use SCCM, which allows organizations to manage their PCs and mobile devices through the same management console, which is another benefit of the UEM strategy.)
Microsoft has announced various updates to Endpoint Manager in the last few months. Endpoint analysis Report in the administration center. This provides insight into device performance and helps IT proactively address policy or hardware issues that may affect users before they issue help desk tickets. increase.
Microsoft We also introduced a tunnel A VPN gateway for Intune that allows Android and iOS devices to connect remotely to on-premises apps and resources.And in June 2021 Android Enterprise work profile supportYou can separate work and personal data on company-owned devices.
This article was originally published in September 2018 and most recently updated in August 2021.
Copyright © 2021 IDG Communications, Inc.
https://www.computerworld.com/article/3304583/microsoft-endpoint-manager-what-intunes-successor-does-how-it-works.html Microsoft Endpoint Manager: What the Intune successor does and how it works