Immediately, we’re taking a big step in finishing the supply of performance we promised after we first unveiled the imaginative and prescient for the Microsoft Intune Suite.1 We’re launching three new options: Microsoft Intune Enterprise Utility Administration, Microsoft Intune Superior Analytics, and Microsoft Cloud PKI. With these additions, the Intune Suite now goes past unified endpoint administration to carry you a complete assortment of superior cross-platform capabilities throughout three core areas: streamlined software safety, safe entry to on-premises and personal cloud sources, and improved troubleshooting and help. Whereas we are going to proceed so as to add extra performance over time, immediately’s launch marks “the top of the start,” as the principle parts of the Intune Suite are usually obtainable this month. As such, let’s take the chance to recap the ideas behind the worth and performance of the Intune Suite.
Microsoft Intune
Improve safety and IT effectivity with the Microsoft Intune Suite.
The broad worth of the Intune Suite
Whereas the options of the Intune Suite launched at completely different deadlines, three basic ideas have been there from the start.
First, one place for workloads adjoining to Unified Endpoint Administration. In the event you’re at the moment utilizing a mixture of third-party options, the built-in expertise in Microsoft Intune supplies safety and effectivity on a number of ranges. First, one unified answer means fewer integrations to handle throughout third events, that means fewer assault vectors for malicious actors. And second, on a deeper degree, the broader Intune proposition (each Intune Suite and Intune) is built-in with Microsoft 365 and Microsoft Safety options. This supplies a consolidated and seamless expertise for IT professionals with a single pane of glass for end-to-end endpoint administration.
Second, all elements of the Intune Suite are able to help your cloud and AI-enabled future. Intune Suite will assist speed up organizations’ digital transformation to cloud native and simplify their IT operations. Moreover, knowledge from Intune Suite are consolidated with different Intune and safety knowledge, that means full visibility throughout the gadget property, informing and enhancing rising applied sciences like Microsoft Copilot for Safety. The extra interrelated knowledge that Copilot can use, the extra it may possibly proactively advise on the subsequent greatest motion.
Lastly, Intune Suite is offered in a single unified plan. So, relatively than having separate options for distant help, privilege administration, analytics, and extra, these superior options can all be consolidated and simplified into one. This supplies worth in two methods: immediately, by decreasing the general licensing price, as the price of Intune Suite is lower than buying separate options; and the financial worth of the Intune Suite can also be in oblique financial savings: no must handle separate distributors, prepare IT admins on separate instruments, or keep pricey on-premises public key infrastructure (PKI). The Intune Suite makes it simpler for IT admins, decreasing overhead prices.
“With what we get out of Intune Suite, we will eradicate different merchandise that our clients want. It’s now a set of many parts that allow clients who need to consolidate options and lower your expenses.”
—Mattias Melkersen Kalvåg, Mobility and Home windows Administration Advisor at MINDCORE, and| Microsoft Licensed Skilled & MVP
From immediately: A complete suite throughout purposes, entry wants, and help
Let’s get into specifics. For software safety, Enterprise App Administration helps you discover, deploy, and replace your enterprise apps. And Endpoint Privilege Administration enables you to handle elevation guidelines on a per-app foundation in order that even commonplace customers can run authorised privileged apps. Cloud PKI enables you to handle certificates from the cloud in lieu of complicated, on-premises PKI infrastructure. And Microsoft Tunnel for Cell Utility Administration (MAM) is ideal for unenrolled, private cell units, to assist dealer safe entry to line of enterprise apps. Superior Analytics offers you data-rich insights throughout your endpoints. And Distant Assist enables you to view and management your PCs, Mac computer systems, and specialised cell units, proper from the Intune admin heart. Allow us to take every of these three product areas in flip.
Improve endpoint safety with Enterprise App Administration and Endpoint Privilege Administration
Enterprise App Administration offers you a brand new app catalog, permitting you to simply distribute managed apps, but in addition hold them patched and at all times updated. With this preliminary launch, it is possible for you to to find and deploy extremely widespread, pre-packaged apps, so that you now not must scour the Web to search out their set up recordsdata, repackage, and add them into Intune. Merely add and deploy the apps immediately from their app publishers. You may also permit the apps you belief to self-update, and when a brand new replace is offered, it is only one click on to replace all of your units with that app put in. We are going to repeatedly increase and enrich the app catalog performance in future releases to additional advance your endpoint safety posture and simplify operations.
“I’m very enthusiastic about Enterprise App Administration because it’s powered by a powerful app catalog and natively built-in in Intune. This single pane of glass expertise is what we’re all on the lookout for.”
—Niklas Tinner, Microsoft MVP and Senior Endpoint Engineer at baseVISION AG
For extra management over your apps, with Endpoint Privilege Administration, you possibly can scope short-term privilege elevation, based mostly on authorised apps and processes. Then, as a consumer in scope for this coverage, you possibly can elevate solely the processes and apps which were authorised. For instance, customers can solely run a single app for a brief time frame as an administrator. In contrast to different approaches that give native admin permissions or just about limitless scope, you possibly can selectively permit a consumer to raise in a one-off state of affairs by requesting Intune admin approval, with out you needing to outline the coverage forward of time.
“Endpoint Privilege Administration affords tight integration into the working system. And the main target that Microsoft has over solely elevating particular actions and apps versus making you an admin for a time frame—that is safety at its greatest, going for the least privileged entry.”
—Michael Mardahl, Cloud Architect at Apento
Cloud PKI and Microsoft Tunnel for MAM powers safe entry
Enhancements to Microsoft Entra certificate-based authentication
With Cloud PKI, offering each root and issuing Certificates Authorities (CA) within the cloud, you possibly can merely arrange a PKI in minutes, handle the certificates lifecycle, cut back the necessity for in depth technical experience and instruments, and decrease the hassle and price of sustaining on-premises infrastructure. As well as, help for Deliver-Your-Personal CA is offered, permitting you to anchor Intune’s Issuing CA to your individual non-public CA. Certificates may be deployed mechanically to Intune-managed units for eventualities reminiscent of authentication to Wi-Fi, VPN, and extra; a contemporary PKI administration possibility that works properly to safe entry with Microsoft Entra certificate-based authentication. Within the preliminary launch, Cloud PKI may also work together with your present Energetic Listing Certificates Providers for SSL and TLS certificates, however you do not want to deploy certificates revocation lists, Intune certificates connectors, Community Machine Enrollment Service (NDES) servers, or any reverse proxy infrastructure. You may challenge, renew, or revoke certificates immediately from the Intune admin heart mechanically or manually.
Microsoft Tunnel for MAM helps safe cell entry to your non-public sources. Microsoft Tunnel for MAM works equally to Microsoft Tunnel for managed units; nonetheless, with this superior answer, Microsoft Tunnel for MAM works with user-owned (non-enrolled) iOS and Android units. Microsoft Tunnel for MAM supplies safe VPN entry on the app degree, for simply the apps and browser (together with Microsoft Edge) your IT admin explicitly authorizes. So, for personally owned units, the consumer can entry authorised apps, with out your organization’s knowledge shifting onto the consumer’s private gadget. App safety insurance policies defend the info inside the apps, stopping unauthorized knowledge leakage to different apps or cloud storage areas.
“Cloud PKI inside the Intune Suite permits you to go cloud native by way of certificates deployment, which implies you possibly can provision PKIs with just some clicks—that’s a blessing for all of the IT directors. With this built-in service, Microsoft hosts the whole lot so that you can handle certificates.”
—Niklas Tinner
Resolve help points faster with Superior Analytics and Distant Assist
Superior Analytics in Intune is a robust set of instruments for actionable reporting and AI-driven analytics. It supplies deep, close to real-time insights into your related units and managed apps that enable you perceive, anticipate, and proactively enhance the consumer expertise. We proceed to infuse AI and machine studying into our analytics merchandise. For instance, you will get forward of battery degradation in your gadget fleet by way of our superior statistical evaluation and use that info to prioritize {hardware} updates. Intune Suite now consists of real-time gadget querying on-demand utilizing Kusto Question Language for particular person units, helpful for troubleshooting and resolving help calls faster.
With Distant Assist, you may also streamline the way in which you remotely view and work together together with your managed units, for each user-requested or unattended periods. As a assist desk technician, you possibly can securely hook up with each enrolled and unenrolled units. Customers even have peace of thoughts in with the ability to validate the technician’s identification, to keep away from assist desk spoofing makes an attempt. Proper now, Distant Assist works for distant viewing and controlling in Home windows PCs and Android devoted Enterprise units, and helps distant viewing for macOS. Particularly helpful for frontline employees, Distant Assist for Android permits assist desk directors to configure and troubleshoot unattended units, that means points may be revolved off-shift.
“Distant Assist takes away the requirement and the necessity for third-party distant assist instruments. Distant Assistance is native, it’s interactive, and also you don’t have to fret about putting in something, it’s already there. It’s a part of Intune, it’s a part of the construct.”
—Matthew Czarnoch, Cloud and Infrastructure Operations Supervisor at RLS (Registration and Licensing Providers)
To see many of those new capabilities in motion, we invite you to observe this new Microsoft Mechanics video.
Analyst recognition for Microsoft
With the additions to the Intune Suite now obtainable, IT can energy a safer and productive future at an essential time as AI comes on-line. Notably, analyst recognition is validating the significance of its worth. For instance, Microsoft once more assumes the strongest management place within the Omdia Universe: Digital Workspace Administration and Unified Endpoint Administration Platforms 2024. Omdia wrote: “Microsoft is targeted on decreasing administration prices by using the Microsoft Intune Suite and integrating completely different options with it.” They added: “The corporate plans to spend money on Endpoint Analytics and Safety Copilot to introduce data-driven administration, serving to IT professionals shift from reactive, repetitive duties to strategic ones by using Endpoint Analytics and automation.” Omdia’s recognition follows that from others like Forrester, who named Microsoft as a Chief in The Forrester Wave™ for Unified Endpoint Administration, Q4 2023.
Get began with consolidated endpoint administration options with the Microsoft Intune Suite
The February 2024 launch of the options within the Intune Suite marks a key milestone, providing a consolidated, complete answer set collectively in a cheap bundle (and obtainable as particular person add-on options) for any plan that features Intune. And in April 2024, they may also be obtainable to organizations and companies of america authorities group cloud. We look ahead to listening to your reactions to the brand new Intune Suite.
To study extra about Microsoft Safety options, go to our web site. Bookmark the Safety weblog to maintain up with our skilled protection on safety issues. Additionally, observe us on LinkedIn (Microsoft Safety) and X (@MSFTSecurity) for the newest information and updates on cybersecurity.
1Ease the burden of managing and defending endpoints with Microsoft superior options, Dilip Radhakrishnan and Gideon Bibliowicz. April 5, 2022.
The Forrester Wave™ is copyrighted by Forrester Analysis, Inc. Forrester and Forrester Wave™ are emblems of Forrester Analysis, Inc. The Forrester Wave™ is a graphical illustration of Forrester’s name on a market and is plotted utilizing an in depth spreadsheet with uncovered scores, weightings, and feedback. Forrester doesn’t endorse any vendor, product, or service depicted within the Forrester Wave™. Data relies on greatest obtainable sources. Opinions replicate judgment on the time and are topic to vary.
The Forrester Wave™: Unified Endpoint Administration, Q4 2023, Andrew Hewitt, Glen O’Donnell, Angela Lozada, Rachel Birrell. November 19, 2023.
