Unboxing the Intune Suite
Here we go: the full Microsoft Intune Suite was released in February 2024 🥳 Microsoft Cloud PKI, Advanced Analytics and Enterprise Application Management are now part of the portfolio. This blog post gives a first look at the features, their benefits and how to get started.
These features expand, fortify and simplify Intune as a product and improve its overall return on investment (ROI). The features in the Suite:
- 🆕 Microsoft Cloud PKI - cloud-hosted certification authority with an integrated SCEP endpoint for deploying certificates to endpoints
- 🆕 Advanced Analytics - AI-powered data collection and correlation to optimize your endpoint infrastructure
- 🆕 Enterprise Application Management - Microsoft-hosted catalog of common apps to deploy with Intune
- Endpoint Privilege Management - Windows elevation management for least privilege and just-in-time elevation
- Remote Help - remote assistance tool, natively integrated into Intune
The Intune Suite is an additional license at extra cost per user, per month. Intune is offered in three plans:
- Intune Plan 1 - core capabilities of Intune, included in other licenses
- Intune Plan 2 - add-on to Plan 1 with more capabilities
- Intune Suite - add-on that includes the Plan 2 capabilities and requires Plan 1 as a prerequisite
Furthermore, the features of the Suite are also available as separate add-ons without buying the full Suite.
Cloud PKI lets you go cloud-native for certificate deployment: you provision a certificate authority with a few clicks and issue certificates to your endpoints. Microsoft hosts the whole service, so you manage certificates on your endpoints without running a CA yourself.
- 🚀 Provision cloud-only certificate authorities with a SCEP endpoint URL from which endpoints request their certificate
- 🔐 Use 802.1X certificate-based authentication to your network, VPN or other services - learn more about certificate deployment with Intune
- ☑️ No need to operate or maintain an on-premises PKI
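To confirm that a Cloud PKI certificate actually arrived on an enrolled Windows device and is usable for 802.1X, here is an added example (not from the original post and not Microsoft's code): a PowerShell check run locally on the endpoint. It assumes the issuing CA name 'Contoso Cloud PKI Issuing CA', which is a placeholder for the name you chose when creating the issuing CA in Intune; the store path and OIDs are standard Windows/.NET values.

```powershell
# Added example (not from the original post): verify on an enrolled Windows device
# that a certificate issued by Microsoft Cloud PKI via SCEP is present, chains to a
# trusted CA, carries the Client Authentication EKU needed for 802.1X/EAP-TLS and
# whether its private key lives in the TPM. Run in an elevated PowerShell session.
# ASSUMPTION: $IssuingCaName is a placeholder for your own Cloud PKI issuing CA name.
$IssuingCaName = 'Contoso Cloud PKI Issuing CA'
$ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU (used by EAP-TLS / 802.1X)
$EkuExtOid     = '2.5.29.37'           # Extended Key Usage extension

function Test-CloudPkiCertificate {
    param(
        [Parameter(Mandatory)][string]$IssuerName,
        [string]$StorePath = 'Cert:\LocalMachine\My'   # device certificates; use Cert:\CurrentUser\My for user certs
    )

    foreach ($cert in Get-ChildItem -Path $StorePath) {
        # Only consider certificates issued by our Cloud PKI issuing CA
        if ($cert.Issuer -notlike "*CN=$IssuerName*") { continue }

        # Build the chain: the Cloud PKI root and issuing CA must be trusted on this device
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode = 'Online'   # Cloud PKI publishes CRLs; offline devices report a revocation error here
        $chainOk = $chain.Build($cert)

        # EKU check: the SCEP profile must include Client Authentication for 802.1X to work
        $eku = $cert.Extensions | Where-Object { $_.Oid.Value -eq $EkuExtOid }
        $hasClientAuth = [bool]($eku -and ($eku.EnhancedKeyUsages.Value -contains $ClientAuthOid))

        # Key storage provider: 'Microsoft Platform Crypto Provider' means the key is TPM-backed
        $provider = $null
        try {
            $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
            if ($rsa -is [System.Security.Cryptography.RSACng]) { $provider = $rsa.Key.Provider.Provider }
        } catch { $provider = 'n/a' }

        [pscustomobject]@{
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            NotAfter      = $cert.NotAfter
            ChainValid    = $chainOk
            ChainStatus   = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ','
            ClientAuthEku = $hasClientAuth
            HasPrivateKey = $cert.HasPrivateKey
            KeyProvider   = $provider
            TpmBacked     = ($provider -eq 'Microsoft Platform Crypto Provider')
        }
    }
}

Test-CloudPkiCertificate -IssuerName $IssuingCaName | Format-List
```

No output at all means no certificate from that issuing CA is in the store yet, so check the SCEP profile assignment and the device's enrollment status before looking at the CA. A ChainStatus of RevocationStatusUnknown or OfflineRevocation on an otherwise valid certificate usually means the CRL distribution point could not be reached from the device, not that the certificate is bad. TpmBacked is only true when the SCEP profile enrolls the key to the TPM key storage provider; a software KSP leaves the private key exportable by a local administrator.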
Advanced Analytics is a data-driven analytics toolbox included in Intune. Data collected from endpoints is automatically sent to Intune, analyzed with machine learning to identify anomalies and then presented in insightful reports.
- 📖 Collect and analyze richer datasets
- ⚡ Run real-time device queries
- 🧠 Reduce endpoint management effort with targeted reports and recommendations
Navigate to Intune > Reports > Endpoint analytics to find everything related to reports, anomalies and scores for the different categories. On the right you already see insights and recommendations.
Even more powerful is the real-time device query, which uses KQL and is accessible from a device object in Intune:
Enterprise Application Management
Enterprise Application Management provides IT admins with a built-in app catalog of common apps. With this feature, customers no longer need to package those apps manually and can rely on the catalog maintained by Microsoft. App deployment and updating is crucial to fix security vulnerabilities and improve performance. The value of Enterprise Application Management is in:
- 🧺 Serve apps from an up-to-date and rich catalog, hosted and populated by Microsoft
- 🙌 Deploy all apps with Intune and offer them for self-service in the Company Portal
- ⚒️ Keep apps on the latest version and pick up security patches with the update workflow
Navigate to Intune > Apps > Windows and add a new app of the type Enterprise App Catalog app:
Pick one from the catalog and benefit from prepopulated sources, install parameters and detection rules.
Endpoint Privilege Management
Endpoint Privilege Management (EPM) lets standard users run specific applications with elevated privileges without being local administrators. This is a massive security improvement and supports your Zero Trust strategy.
- ⬆️ Elevation rules are defined per file; files are identified by file hash or signing certificate
- 🪶 The EPM agent is deployed automatically once an EPM policy is targeted to a device
- 🧩 "Run with elevated access" is integrated into the Windows right-click context menu
- 🔍 Review reports on managed and unmanaged elevations, with filters, in Intune
Navigate to Intune > Endpoint Security > Endpoint Privilege Management
1. Create an elevation settings policy in Intune to define how EPM elevations behave for end users
2. Create an elevation rules policy in Intune that identifies the files allowed to elevate with EPM, together with the elevation conditions and file information
3. The end user can now right-click a file and choose "Run with elevated access". If the file matches an elevation rules policy, it launches elevated once the configured elevation conditions are satisfied; if the file is unknown, an error message is shown.
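As an added example (not from the original post and not Microsoft's code), the PowerShell below gathers the identifiers that step 2 needs for one executable: the SHA-256 hash for a file hash rule, and the Authenticode signer certificate exported as a .cer file for a certificate rule. The path 'C:\Program Files\ExampleVendor\tool.exe' and the output directory are placeholders; point them at the app you want to elevate.

```powershell
# Added example (not from the original post): collect the inputs for an EPM
# elevation rule for one executable. EPM identifies files by SHA-256 hash or by
# signing certificate; this produces both and exports the signer certificate
# so it can be uploaded to the rule in Intune.
# ASSUMPTION: the file path and $CertOutDir below are placeholders.
function Get-EpmRuleInput {
    param(
        [Parameter(Mandatory)][string]$Path,
        [string]$CertOutDir = "$env:TEMP\epm-certs"
    )

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName

    # Export the signer certificate only when the signature is valid; an invalid or
    # missing signature leaves the hash rule as the only option.
    $cerPath = $null
    if ($sig.Status -eq 'Valid' -and $sig.SignerCertificate) {
        New-Item -ItemType Directory -Path $CertOutDir -Force | Out-Null
        $cerPath = Join-Path $CertOutDir ("{0}.cer" -f $sig.SignerCertificate.Thumbprint)
        # DER-encoded .cer, the format the rule editor accepts for the certificate upload
        Export-Certificate -Cert $sig.SignerCertificate -FilePath $cerPath -Type CERT | Out-Null
    }

    # A certificate rule keeps matching after the vendor ships an update signed with the
    # same certificate; a hash rule has to be recreated for every new file version.
    $recommended = if ($cerPath) { 'Certificate (publisher) rule, scoped with file name' }
                   else          { 'File hash rule (recreate on each update)' }

    [pscustomobject]@{
        FileName        = $file.Name
        FileVersion     = $file.VersionInfo.FileVersion
        ProductName     = $file.VersionInfo.ProductName
        Sha256          = $hash
        SignatureStatus = $sig.Status
        Signer          = $sig.SignerCertificate.Subject
        SignerCerFile   = $cerPath
        RecommendedRule = $recommended
    }
}

Get-EpmRuleInput -Path 'C:\Program Files\ExampleVendor\tool.exe' | Format-List
```

Prefer the certificate rule for signed software and narrow it with the file name, otherwise every binary signed by that publisher can be elevated. Keep hash rules for unsigned or internally built tools and treat each hash as tied to exactly one build; the SHA-256 value from Get-FileHash is what goes into the rule's file hash field.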
Remote Help is a remote assistance tool with native Intune integration and brings these benefits:
- Native integration into the Intune portal: support staff launch the remote assistance session right from the device object
- Sign-in with SSO and your Entra account
- ✅ Built-in compliance check: a warning is shown before connecting to a non-compliant device
- ✔️ Support for UAC, chat, view-only mode, laser pointer, annotation and more
- 🔍 Reports in Intune on connection details
1. Enable Remote Help in the tenant
2. Deploy Remote Help as a Win32 app through Intune to your endpoints, described here
3. You're ready to start remote assistance 🚀 As IT admin, go to a device in Intune and choose "New remote assistance session"
4. A notification is sent to the user's device (right PC), where the user needs to "Open Remote Help"
5. The helper chooses how to connect to the user, the user approves the request and there we go! The support connection is established.