Microsoft Intune Reviews

We are using this product for enterprise development within our organization.

The primary use is for building Unified Endpoint Management (UEM) capabilities.

The most valuable feature is the UEM capabilities.

The user interface should be improved because it is a little bit slow.

It does not have support for containerization.

There is no catalog for mobile access management (MAM) security.

I have been working with Microsoft Intune for more than six or seven years.

Because we are doing a PoC, there have been no issues with scalability as of now.

We started with a user base of 5,000 and are aiming to have 30,000.

Because we are still in the PoC, we are only testing it with a few users.

We have not been in touch with Microsoft technical support.

The configuration is straightforward and there is nothing complex about it.

Intune is a good product for UEM, which is helpful for Windows 10 management. However, for MAM, there is lots of improvement needed. For example, the application catalog should be there.

I would rate this solution a six out of ten.

We are VMware and Microsoft partners, so we offer services around their products.  

We are using Intune internally but we are leveraging it for our customers as well. That is a different story. One part of Intune is within our company, but we are also providing services around Intune and Workspace One for our customers.  

For us, Intune is on the public cloud. For our clients, it depends on the requirements and it varies from customer to customer. Some clients' requirements are deployed in private cloud mode or the hybrid setup. It depends. Requirements differ from industry to industry. If a company is BFSI (Banking, Financial Services, and Insurance), then they will be looking for a private cloud solution. If it is something which is not BFSI or maybe some industrial interest, they might go with the public cloud.  

In the end, most of our instances are in the public cloud unless there is some compliance requirement. Otherwise, the accounts are mostly in the public cloud to conform to regulations.  

Intune is used essentially to facilitate the ability of enterprise organizations to manage their endpoints. It is for end-user computing or UEM (Unified Endpoint Management) solutions.  

One of the major advantages of using Intune is for our ISO (International Organization for Standardization) certification. We have to meet requirements for ISO 27001 and 27002 and part of that is that we need to have a proper control mechanism for endpoints and the users who are using those endpoints. The other requirement is that we need to manage the workforce. We have to manage their time to understand how long they have been working, how long their device was on, when they were working, et cetera. So we use some other products that compliment Intune to gather the data on that.  

For example, we have something called Time Doctor. We use it to monitor how long people have been working. We get reports that detail how long their devices have been on. Then there are different ways we can leverage these results and statistics. For example, we can compare the uptime of the device and uptime of Time Doctor. With that, we can understand how long an employee was working on something, but how much more time the machine was up in addition to the work period. That shows the period of time that he or she was not using Time Doctor.  

The other thing is we can remotely access a device. For example, say we have to do some troubleshooting because a user is having an issue. We can remotely log in via Intune to troubleshoot the issue, as long as the device is accessible. Obviously, that can only happen if there is no issue with the internet and connectivity and services. But we can remotely access the device and troubleshoot the issue securely.  

Those are some of the different use cases.  

I guess in our company we are using most of the features in Intune. What we use it for is to control the endpoints. We publish some selected applications and the end-users are only able to download and install those applications. They are not allowed to install or use any other applications other than what we provide. We do compliance checking. We run assessments periodically on the endpoints using Intune, and Intune generates reports. Sometimes we need those reports to qualify for our ISO certifications.  

It is a similar thing for customers as well. There is a different requirement but it is a similar idea. For example, if we are engaged with an oil and gas company, they have back-office stations and point-of-sale solutions. In this case, those are Windows systems. What they used to do is they had to manage those solutions manually. They had a contract with some third party. The third-party would go on the sites if there was an issue or something, and maintenance and delivery were all manual. They did not have any EMS (Endpoint Management Solution) at all. The only thing they had was something called a radiant configuration management server. That was only used for configuration purposes, not for maintenance or other troubleshooting.  

The concern and the requirement over delivery was raised because of COVID. No one was able to go to the sites to do the troubleshooting, maintenance, and delivery. The only solution that they had was to engage with us to deploy these solutions on their endpoints. They did not all go with Intune, some went with Workspace One, which is also a UEM solution. So they wanted us to deploy UEM on AWS public cloud, then connect it, wire their MPLS (Multi-Protocol Label Switching) network to the end-point spots and box devices in order to manage them.  

The generic answer to what can be improved is that I hope that the reporting needs to be a bit more interactive.  

In our company, we have been using Intune for the past three years.  

I think Intune has been in the market for a long time now. That maturity makes it pretty much stable because it has been through so many iterations.  

Until now, we did not have any concern with respect to scalability within whatever we have done either for our organization or for our clients. We have done installations for bigger companies, for smaller workforces within bigger companies, but not for the larger endpoints. We do not know how well it scales in every direction and if scaling will cause any problems. We have not come across those things.  

In our organization, we probably have 250 to 300 people who are using the product. We will probably increase that usage in the future, but it depends. We were planning to introduce Microsoft ATP with Intune for advanced threat protection, which compliments the security part. Because Intune does not have advanced threat protection capabilities on its own this resolves that issue. There may be other considerations in the future that influence the importance of Intune to what we need it for and how we proceed.  

We are Microsoft partners and we have a different support model with Microsoft than a typical client will. We have not had any issues with our support team and they have worked well with us up to this point. We have a different channel than the partners who need to communicate with Microsoft another way.  

It is a tricky thing to answer exactly what I have used that either was prior to or a substitution for Intune. That depends on different things and factors. First of all, Workspace One is definitely highly scalable, that I know. Workspace One also has a lot of integration options wherein we can have a lot of peripheral tools. Workspace One actually started with only UEM, but it is now not limited to UEM only.  

Intune, is only a UEM. So Workspace One has one integration as UEM, but it has many other things. Apart from that, it has Workspace One Intelligence, it has Workspace One Assist, et cetera. There are four different parts that can be integrated with Workspace One and they can work together for a highly scalable, highly secure, and highly analytical solution.  

Microsoft also has solutions. It is just that they are different solutions implemented in a different way. For example, ATP (Advanced Threat Protection) Microsoft is for advanced threat protection. WAD is for virtual desktops. They do not have the same type of tight integrations as Workspace One. All of these Microsoft products work separately. In Workspace One, all the products compliment each other and all the products can be combined more like modules under Workspace One. They can push their findings to Workspace One Intelligence where all data intelligence can be done. Auto remediation can be done. We can get findings from VMware because now Workspace One security is there to make sure that this is secure under the umbrella. VMware Carbon Black is also the same in that it can send its findings to Workspace One Intelligence. So the integration is the part that is handled differently. Workspace One has many features. Microsoft also has those features. It is just that it is a different way to orchestrate. In Microsoft, it is not under one umbrella. In VMware, that is under one umbrella, which is Workspace One.  

The pros and cons are different because both approaches have their own advantages and disadvantages. Both have solutions for each of the functions. For example, each has advanced threat protection and all those capabilities. If you stay working with that family of solutions, you do not have a problem.  

Now say, for example, a company went with Workspace One because they wanted to leverage UEM. They adopted some other modules as well with it to create solutions for problems or needs that they want to solve. They have to have Workspace One for this solution and they can not work with it separately. That might be a cost factor because they can not work with one tool only, they have to make the license for two products because they do not work separately.  

For Microsoft, since the products are completely separate, customers can choose which one to go with and only use that. They can go with only one product, or they can add any of the others. They do not need to have the central component to bring them together.  

So that might be an advantage or disadvantage in using one product or the other depending on the use case.  

We did not experience any complexity in the initial deployment and there was no problem with the installation, I do not think. The complexity definitely depends on what you are trying to accomplish. I do not remember exactly because I do not directly deal with deployment anymore. I am actually leading it. We have a team that deploys the product. I do not look over their shoulder to know how much time it takes exactly and what factors it requires for successful deployment.  

We did the deployment by ourselves without the help of consultants or vendors, that I know. We are system integrators. We have the capabilities to do things for customers. We did it ourselves. The only thing is, we have a separate team for the Microsoft product installations. Especially for something like Microsoft Intune, we need to have a special expertise. Something called Microsoft Windows, virtual desktops, all of that needs someone to install it who is intimate with the application. Microsoft Azure is something that can be used for different Microsoft technologies and solutions. We have a different team that we will put on the implementation of these products depending on the requirements.  

The pricing for Microsoft Intune is reasonable. Our clients are satisfied.  

If someone is looking to have a more integrated result, they are looking for many other things like EDR (Enhanced Data Detection and Response). It is probably better to go with Workspace One because they have that under one banner. Obviously, if there is something under one banner, the integrations are simple, they are seamless, and they complement each other.  

I do not think I will have a good answer for what advice to give because technically I have not used Intune myself for some time now. I have a team that works under me for this. I am at an architect-level position now. My perspective reflects that.   

On a scale from one to ten (where one is the worst and ten is the best), I would rate Intune as an eight at least if you are only talking about a UEM solution. Personally, I am not very concerned about the reporting part, so I will consider it at eight. But if someone is looking for extensive reporting detail that is easy to understand. Interactive reporting that will give them better-tuned results, then obviously the rating might go down.  

The only thing which I see that can be done to raise this product from an eight is to package Intune as a product under one umbrella. If that were to happen, it covers the whole of end-user computing and security solutions.  

At the moment, these are two separate things when using Intune. There may be another way to accomplish this under the one umbrella if you go with Intune. For example, if there is an add-on within Intune to leverage containerized security, auto containment, and all those things. This would be a more flexible solution if that were the case. At the moment, Intune is not required to be installed as a client. As a client in the system, it can communicate with servers and do some auto containments, endpoint detection, and response. If there was a separate solution that could be added as a paid solution to create the umbrella, you have created both solutions simultaneously.  

The main reason this problem came into the picture was because of this COVID pandemic. IT teams and security teams do not go well together normally. There has to be one solution which can offer both. It can be for both IT architects, IT technical support, and security support. That is the solution that can be leveraged for both security and end-user computing. It is simple.  

We are using Microsoft Intune to control, manage, and to protect the data on mobile devices.

The most valuable feature is the scalability.

There are differences in protecting the data on a mobile device and on iOS. When you protect the data on iOS, you protect the entire device.

From an Android, you can select certain applications to protect. What this means is that the employee who uses Android devices are protected only from emails, and the personal data on the device is not protected. When the employee uses the iOS they control all of the devices, which is not convenient.

There are items that require improvements. One is the controls from iOS.

I have been working with Microsoft Intune for approximately four years.

We have not experienced any bugs or glitches with this solution.

We have not had any issues with the scalability. We have more than 1,000 users.

We have contacted technical support several times.

Technical support is sometimes okay.

The initial setup is a bit difficult.

It took almost a month to deploy. There were several requirements to set up the conditions.

I would recommend Microsoft Intune.

I would rate this solution an eight out of ten.

Our primary use case for this solution is to implement conditional access policies to restrict mobile users from accessing emails until their devices comply.

Intune should be much more granular in terms of supporting more devices. It is mainly only supported for Samsung knox devices. If you want to restrict the user, and not to turn on the camera and such, most of the policies that I found were more supported only towards Samsung knox devices. But, some policies are supported for Android 4.0 operating systems. Most of these policies are only for Samsung knox. I wish there was more diversity regarding other Android devices. In our country, there are multiple vendors, such as: Samsung, Huawei and more. I would prefer other solutions if I'm implementing restricting the devices in terms of applying the policies.

It has many features, but the most prominent is that other mobile device solutions support more polices. Much more diversion is needed in implementing the policies in different kinds of devices. As I have worked, it has not supported too many policies for android devices. Every 3rd or 4th policy that was supported is for Samsung knox devices. So, most people prefer to use Intune if they want to implement conditional access policies to restrict customer exchange online or exchange user formats emails until their devices comply.

You can publish Apps on the devices and take inventory of the devices, but it's all about the companies who were interested due to implementing conditional access policies to restrict  users. They want to restrict the users in order to access emails until their device is secure and then comply with the security policies of the organization.

Most of the customers expect that most of the policies will be there for Android, to implement the policies. Unfortunately, most of the policies that I found are for Samsung knox devices, that is specific to a device or specific to a vendor. That's why most of the customers have a hard time with Intunes, because most of the policies they see is for Samsung knox. They want Intunes to support Android devices. If it is supported by other Android devices, then it's very complicated because if you want it implemented, you have to use some custom equipment. There are a very limited number of policies that are applied, and all generate other devices like Samsung knox devices.

Most of the customers in the business do not use Intune because it doesn't support that much policy for Android. Here in Pakistan, most of the end users are using Android devices. Windows is out of the question. They don't use Microsoft mobile phones. Most of the popular devices are iOS, and the ultimate users are Androids. I think 80% of the users are using Android devices here and less than 20% are using iOS devices.

So, the customer is expecting to apply policy on Android devices and it's not generated specific to a vendor like Samsung knox, so they don't buy it, and they don't consider it.

Yes, it is a stable solution. There were a few stability issues, but most of us are happy with the stability of the solution.

I do not think scalability is an issue.

It was not easy, but not too complex. If an engineer knows what he or she is doing, then it is not difficult.

The product is offered as part of a Microsoft standard bundle. The pricing can be competitive to VMware Airwatch, and IBM MaaS360.

We considered VMware Airwatch and IBM MaaS360. 

From my experience if the requirement is to lock down the Android devices through Intune, then I should advise to look at the different policies that are available for Intune before doing the implementation. Because, if the policies do not meet the requirements of the organization to lock down the devices or to apply the policies on the devices, then it does not make any sense. So, for Android devices in particular, if you are implementing Intune then you should first look at the policies that are available in Intunes and then try to evaluate and do proof of concept.

My primary use case for this solution is for MDM. We use it to manage our devices and phones. We want to make sure that data is not stolen from the devices of our staff. Staff members often bring their own devices to work, and we need to manage that.

The aspects I find most valuable are the managing the data and applications. I can also restrict the users to install any applications. I can also wipe the data if the phone was misplaced or stolen. These are the basics for me.

I would like to be able to track the phone. I am not sure this is a feature that is readily available.

I find that this is a stable product and it is convenient for our business.

I have no issues with scalability because I have already used it for our organization and we have it for around 40 phones, and it seems to be suitable for our needs.

Until now, I have not really used the technical support.

I have previous experience with VMware Airwatch. But, I find that the integration is better with Microsoft Intune because we are already using Azure as a domain. It is a much easier integration with the Microsoft products.

I have no comment on pricing of the solution.

We have previous experience with VMware Airwatch.

I would advise other colleagues to use Microsoft Intune.

We have several different use cases. We have a BYOD (Bring Your Own Device) policy for corporate owned devices, and managing those devices is our responsibility.

It is a very helpful and easy solution. When deploying different configuration policies and compliance policies it is helpful. In addition, deployment of applications on devices is a valuable feature.

I think that there is room for improvement with the reporting. If this is done, it will be a better product.

I have not encountered any issues with stability of this product.

It is quite scalable. It is quite easily able to extend the capabilities of whatever you want to do. And, it is not always visible to the end customer.

I have used technical support in the past. When considering the seniority level of the tech support, I think they are quite good in comparison to other products. They are quick to respond to our needs.

We previously used VMware Airwatch.

The purchase of the product was handled by someone else in our company. I do not have experience with pricing of the product.

We received Intune with a bundle of Microsoft products.

We use this primarily for security on our devices. We use this product because it came with the bundle from Microsoft.

By using Microsoft Intune, I can control my Outlook on my phone. Whenever I try to open any file attatchment, it will be more secure. There are additional security precautions it provides with photos, as well. 

The security features are valuable to us. We have a BYOD (Bring Your Own Device) policy at our organization. Many employees need help managing these devices. Microsoft Intune helps us manage MDM (Mobile Device Management).  We find it provides MAM (Mobile Application Management) to a lesser degree.

The MAM feature could be improved. In addition, the security of photo sharing could be improved. 

It is very scalable. Our organization has over 26,000 employees. 

Microsoft Intune is a cost effective choice.  It is less expensive than other products on the market. 

We also looked at VMware AirWatch. 

Our primary use case is using Microsoft Intune MAM, which is the mobile application management. We are using basically it for application management type needs.

We are using a model for productivity through Microsoft Intune. For example, we are using Microsoft Themes to share all our contents and we connect that with Skype. We also use the Microsoft PowerApps, to help developer apps on a mobile. All of these functions are managed by the Microsoft Intune. 

One of the most valuable features is the overall UI. It's really easy to access, so user interface is very good. Secondly, the enrollment is a nice feature. It is easy to move into the Intune company portal with minimal steps to do so.   In addition, the storage solutions are a nice feature that can be used together with other Microsoft products such as OneDrive and SharePoint. A nice sidebar feature of this is that you can actually restrict the people to mark or store data inside a device and you can bound them to store it in only a white drive and then you can an create an overall encryption around that. For other companies you need to use a container, but not with Microsoft.

I think that in the future Microsoft Intune should have an EMS (Enterprise Mobile Security) feature added. 

Yes, there are a couple of issues with stability. The issues have to do with adoption. Also, organization has to change. 

Our company has not quite reached a level where this is an issue. 

Technical support is good. They have a free kind of support ecosystem, one is the premium support and one is the channel support. In both the ecosystems, the response is, good. Obviously,  if you have the premium support, you get a response within a shorter amount of time.  But I have found that even if you're doing the standard support also, you will get an immediate response. So, overall, the support is very good. For now there's no challenges coming from the technical support.

It is really easy to integrate and manage all Microsoft products with Microsoft Intune.

There is a cost benefit of using Microsoft Intune because of the packaging with other Microsoft products.