Posts

Additional capabilities of the Intune Suite

Image
The Intune Suite offers several advanced capabilities beyond its core functionality, which I will give an overview of in the following article. These include support for specialty devices, firmware over-the-air updates, and Microsoft Tunnel for Mobile Application Management (MAM). Together, these features help organizations manage a wider range of devices, ensure up-to-date firmware, and provide secure access for mobile apps without requiring full device enrollment. 🚇 Microsoft Tunnel for Mobile Application Management Introduction Microsoft Tunnel for MAM lets users securely access company data on their personal devices, no device enrollment required. With support for modern authentication, single sign-on, and Conditional Access, it keeps work secure without giving IT access to the whole device. It’s a smart way for companies to boost security while still respecting user privacy and keeping things simple. Architecture Microsoft Tunnel is a VPN gateway for Intune that runs on a Linux c...

What is the Intune Suite?

Introduction The Microsoft Intune Suite is a set off 8 add-on capabilities that build on top of the current Intune ecosystem to enhance and complete the already vast feature set. You can purchase the Intune Suite as a bundle license on top of Intune itself or as separate licenses for each capability. In addition, some Microsoft 365 plans also include Intune Suite features. Capability Standalone add-on Intune Plan 2 Intune Suite M365 E3 M365 E5 Endpoint Privilege Management ✅ ❌ ✅ ❌ ✅ Enterprise App Management ✅ ❌ ✅ ❌ ✅ Advanced Analytics ✅ ❌ ✅ ✅ ✅ Remote Help ✅ ❌ ✅ ✅ ✅ Microsoft Tunnel for Mobile Application Management ❌ ✅ ✅ ✅ ✅ Microsoft Cloud PKI ✅ ❌ ✅ ❌ ✅ Firmware-over-the-air update ❌ ✅ ✅ ✅ ✅ Specialized devices management ❌ ✅ ✅ ✅ ✅ 📜 Features Name Description Endpoint Privilege Management Enables users to run with least privilege while allowing approved tasks to elevate. Enterprise App Management Provides a catalog of Win32 apps in Intune with default install, requirements, an...

How to Implement Intune Remote Help

Image
Introduction Remote Help is a Microsoft cloud-based remote support tool designed for IT teams. It enables support staff (helpers) to securely connect to users’ devices (sharers) using organizational accounts via Microsoft Entra ID, ensuring secure and authenticated sessions. With Remote Help, you can leverage Intune’s role-based access control (RBAC) to define exactly who can provide support and what level of access they have. This gives organizations granular control over remote assistance, helping maintain security and compliance throughout the support process. Features Support for unenrolled devices: You can enable assistance for users on devices not enrolled in Intune. Organization sign-in: To prevent impersonations, both the helper and the person receiving support use Microsoft Entra accounts to verify their identity. Compliance warnings: If a device doesn’t meet your organization’s compliance policies, helpers will see a warning before connecting. Role-based access control (...