Microsoft Cloud Device Management comparisions

1. Microsoft InTune @directorcia http://about.me/ciaops

2. Mobile application management PC managementMobile device management Intune helps organizations provide their employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure. User IT

3. Mobile devices and PCs Mobile devices System Center Configuration Manager Domain joined PCs Configuration Manager integrated with Intune (hybrid)Intune standalone (cloud only) IT IT Intune web console Configuration Manager console

4. Consistent experience across: Discover and install corporate apps Manage devices and data Ability to contact IT Customizable terms and conditions

5. Configuration Manager console (hybrid)Intune web console (cloud only)

6. • • • • • •

8. Device Management Microsoft IntuneBuilt-InBuilt-in Microsoft Intune Conditional Access Selective Wipe LoB app

10. •Mobile Device Management • Deploy certificates, WiFi, VPN, and email profiles automatically once a device is enrolled •Mobile Application Management • Provide the ability to deny specific applications or URL addresses from being accessed on mobile devices •PC Management • Simplify administration by deploying software and configuring Windows Firewall settings on computers based upon policies defined by the administrator

11. Office 365 MDM

12. Category Feature Exchange ActiveSync MDM for Office 365 Intune Standalone Intune + ConfigMgr (Hybrid) Device configuration Inventory mobile devices that access corporate applications ● ● ● ● Remote factory reset (full device wipe) ● ● ● ● Mobile device configuration settings (PIN length, PIN required, lock time, etc.) ● ● ● ● Self-service password reset (Office 365 cloud only users) ● ● ● ● Office365 Provides reporting on devices that do not meet IT policy ● ● ● Group-based policies and reporting (ability to use groups for targeted device configuration) ● ● ● Root cert and jailbreak detection ● ● ● Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) ● ● ● Prevent access to corporate email and documents based upon device enrollment and compliance policies ● ● ● Premium mobiledevice& appmanagement Self-service Company Portal for users to enroll their own devices and install corporate apps ● ● App deployment (Windows Phone, iOS, Android) ● ● Deploy certificates, VPN profiles (including app-specific profiles), email profiles, and Wi-Fi profiles ● ◐ Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management) ● ● Secure content viewing via Managed browser, PDF viewer, Imager viewer, and AV player apps for Intune ● ● Remote device lock via self-service Company Portal and via admin console ● ● PC Management Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) ● ● PC software management ● ● Comprehensive PC management (e.g. Windows Server/Linux/Mac OS X support, virtual desktop and power management, custom reporting, etc.) ● OS deployment ● Single management console for PCs, Windows Server/Linux/Mac OS X, and mobile devices ●

13. • Ability to apply security policies • Selective wipe of Office 365 data • Familiar user experience • Included with all Office 365 commercial subscriptions, including Business, Enterprise, EDU and Government plans

14. Windows Phone 8.1 iOS 7.1+ Android 4+ Exchange Exchange ActiveSync includes native email and third-party apps, like TouchDown, that use Exchange ActiveSync. Exchange ActiveSync Exchange Mail Exchange ActiveSync Mail Exchange ActiveSync Email Office and OneDrive for Business No supported apps Outlook OneDrive Word Excel PowerPoint On phones and tablets: Outlook OneDrive Word Excel PowerPoint On phones only: Office Mobile https://technet.microsoft.com/library/ms.o365.cc.devicepolicysupporteddevice.aspx

17. http://blog.ciaops.com/2015/05/mobile-device-management-has-arrived.html

18. • Now set the device policies

21. Note – Policies apply to security groups

24. Personal apps Managed apps Company Portal Are you sure you want to wipe corporate data and applications from the user’s device? OK Cancel Perform selective wipe via self-service company portal or admin console Remove managed apps and data Keep personal apps and data intact ITIT

25. •Conditional Access : You can set up security policies on devices that connect to Office 365 to ensure that Office 365 corporate email and documents can be accessed only on phones and tablets that are managed by your company and are compliant. •Device management : You can set and manage security policies such as device-level pin lock and jailbreak detection to help prevent unauthorized users from accessing corporate email and data on a device when it is lost or stolen. •Selective wipe : You can easily remove Office 365 company data from an employee’s device while leaving their personal data in place.

26. Intune Device and Application Management

28. Enroll • Provide a self-service Company Portal for users to enroll devices • Deliver custom terms and conditions at enrollment • Bulk enroll devices using Apple Configurator or service account • Restrict access to Exchange email if a device is not enrolled Retire • Revoke access to corporate resources • Perform selective wipe • Audit lost and stolen devices Provision • Deploy certificates, email, VPN, and WiFi profiles • Deploy device security policy settings • Install mandatory apps • Deploy app restriction policies • Deploy data protection policies Manage and Protect • Restrict access to corporate resources if policies are violated (e.g., jailbroken device) • Protect corporate data by restricting actions such as copy/cut/paste/save outside of managed app ecosystem • Report on device and app compliance User IT

29. Manage and Protect • No existing infrastructure necessary • No existing Configuration Manager deployment required • Simplified policy control • Simple web-based administration console • Faster cadence of updates • Always up-to-date Devices Supported • Windows PCs (x86/64, Intel SoC) • Windows RT • Windows Phone 8.x • iOS • Android Mobile devices and PCs Intune standalone (cloud only) IT Intune web console

30. System Center 2012 R2 Configuration Manager with Microsoft Intune • Build on existing Configuration Manager deployment • Full PC management (OS deployment, endpoint protection, application delivery control, custom reporting) • Deep policy control requirements • Greater scalability • Extensible administration tools (RBA, PowerShell, SQL reporting services) Devices Supported • Windows PCs (x86/64, Intel SoC) • Windows to Go • Windows Server • Linux • Mac OS X • Windows RT • Windows Phone 8.x • iOS • Android Mobile devices System Center Configuration Manager Domain joined PCs Configuration Manager integrated with Intune (hybrid) IT Configuration Manager console

31. Intune standalone (cloud only) Lightweight, agentless OR agent-based management PC protection from malware PC software update management Software distribution Proactive monitoring and alerts Hardware and software inventory Policies for Windows Firewall management Intune standalone (cloud only) Configuration Manager integrated with Intune (hybrid) Lightweight, agentless OR agent-based management Agent-based management only PC protection from malware PC protection from malware PC software update management PC software update management Software distribution Software distribution Proactive monitoring and alerts Proactive monitoring and alerts Hardware and software inventory Hardware and software inventory Policies for Windows Firewall management Policies for Windows Firewall management Operating system deployment PC, mobile device, Windows Server, Linux/Unix, Mac, and virtual desktop management Power management Custom reporting

63. Intune Policies

65. • • • • List of complete settings • • OMA-URI Settings • Configurator Profile • OMA-URI Settings • OMA-URI Settings •

66. If compliant, email access is granted 7 Enrollment / compliance remediation 5 If not compliant, push device into quarantine Quarantine 4 2 Quarantine email with remediation steps Link to enroll device and compliance remediation steps Who does what? Intune: Evaluate policy compliance for device Azure AD: Authenticate user and provide device compliance status Exchange Online: Enforces access to email based on device state Attempt email connection 1 3 Azure Active Directory Set device management/ compliance status 6 Office 365 Mobile device Microsoft Intune

67. Personal apps Managed apps Maximize productivity while preventing leakage of company data by restricting actions such as copy/cut/paste/save in your managed app ecosystem User

68. Enforce corporate data access requirements Prevent data leakage on the device Enforce encryption of app data at rest App-level selective wipe

69. PC Management

71. Resources • MDM in Office 365 overview - https://technet.microsoft.com/en- US/library/ms.o365.cc.DevicePolicy.aspx • Different ways to manage devices with InTune - https://technet.microsoft.com/library/dn957912.aspx • Capabilities of Office 365 MDM – https://technet.microsoft.com/library/ms.o365.cc.devicepolicysupporteddevice.aspx • Manage mobile devices in Office 365 – https://support.office.com/en- us/article/Manage-mobile-devices-in-Office-365-dd892318-bc44-4eb1-af00-9db5430be3cd • EMS now available without Enterprise Agreement - http://blogs.technet.com/b/ad/archive/2015/03/12/azure-ad-and-enterprise-mobility-suite- now-broadly-available-outside-of-an-enterprise-agreement.aspx • Microsoft Intune features - http://www.microsoft.com/en-au/server- cloud/products/microsoft-intune/features.aspx

72. CIAOPS Resources • Blog – http://blog.ciaops.com • Free SharePoint Training via email – http://bit.ly/gs-spo • Free Office 365, Azure Administration newsletter – http://bit.ly/o365-tech • Free Office 365, Azure video tutorials – http://www.youtube.com/directorciaops • Free documents, presentations, eBooks – http://docs.com/ciaops • Office 365, Azure, Cloud podcast – http://ciaops.podbean.com • Office 365, Azure online training courses – http://www.ciaopsacademy.com • Office 365, Azure eBooks – http://www.ciaops.com/publications Twitter @directorcia Facebook https://www.facebook.com/ciaops Email director@ciaops.com Skype for Business admin@ciaops365.com

Microsoft Cloud Device Management comparisions

More Related Content

What's hot (20)

Similar to Microsoft Cloud Device Management comparisions (20)

More from Robert Crane (20)

Recently uploaded (20)

Microsoft Cloud Device Management comparisions