Microsoft - Unified Endpoint Management

Configuration Manager

SCCM provides a unified management console with a set of automated management tools. You can deploy software, patches, and operating systems, protect data, monitor integrity, and ensure compliance.

Intune

The challenge for companies is to let employees choose the devices they use (BYOD) while ensuring that they have access to applications and comply with privacy and regulatory requirements.

System Center Configuration Manager

As a product of the Microsoft System Center suite, SCCM can help you manage devices and users both locally and cloud-based. Configuration Manager helps you increase IT productivity and efficiency by automating tasks and focusing on value-added projects. You maximize the value of hardware and software investments and increase user productivity with the right software at the right time.

Functional Range

Configuration Manager provides a user-centric approach to application deployment that allows administrators to create an application that can be deployed to any user's device. The component evaluates device and network capabilities and optimizes deployment whether through a local installation, streaming through App-V, or through a presentation server such as RemoteApp Remote Desktop Services or Citrix XenApp.

Configuration Manager distributes operating systems to physical desktops, servers, laptops, and mobile devices across enterprise networks, eliminating the inefficiencies and errors associated with manually installing applications. In Windows 10, Configuration Manager can also manage direct upgrades, significantly reducing the time and complexity associated with deploying Windows.

Configuration Manager ensures that you always receive the latest Windows 10 updates, can take advantage of new Windows features as they become available, and seamlessly integrates drivers, BIOS settings, and updates.

 

Configuration Manager simplifies the complex task of deploying and managing updates to IT systems across the enterprise. IT administrators can deploy updates from Microsoft products, third-party applications, hardware drivers, and system BIOS to a variety of devices, including desktops, laptops, and servers.

Configuration Manager provides several methods for monitoring and managing client software after it has been deployed to computers and devices in your organization. You can monitor devices to check their status. In some cases, Configuration Manager can automatically restore or fix the problem based on the problem it detects.

Configuration Manager serves as the infrastructure for System Center Endpoint Protection. It provides a single solution for malware protection, security risk identification and elimination, and visibility of incompatible systems.

Configuration Manager displays client integrity evaluation results and client activity directly in the console and provides alerting and recovery capabilities when integrity statistics fall below specified thresholds.

Your management solution must keep pace with the increasing speed at which updates are deployed in Windows, iOS, and Android. The update and maintenance section of the Configuration Manager console allows you to apply updates for new features, cumulative updates, Microsoft Intune enhancements, and individual fixes more frequently and easily.

Infrastructure updates provide optimized prerequisites for subsequent Windows 10 releases.

You can create a baseline for the "desired configuration status" and ensure that all devices are compatible through automatic maintenance or warnings. Configuration Manager also integrates with System Center Service Manager to automatically create baseline drift incidents.

Take advantage of more energy-efficient hardware with centralized power management client tools. Configuration Manager leverages the built-in capabilities of the Windows operating system to optimize power settings at a specific level.

Configuration Manager can perform an inventory of hardware and software in your organization to give you an overview of available resources. Configuration Manager enables easier custom hardware inventory and inventory scheme extension.

Administrators can have continuous visibility and use of hardware and software resources.

Asset Intelligence translates inventory data into information, providing comprehensive reports to help administrators make software purchase decisions, upgrade plans, and license reports.

With Configuration Manager reporting, you can gather information about users, hardware, software and license inventory, software updates, applications, location status, and other Configuration Manager operations in your organization.

Privacy-compliant basic remote user session and third-party integration Remote solutions in Configuration Manager Console

Role and rights management to set up a support team interface to ensure maintenance and troubleshooting.

Automation

over 200 Powershell Commandlets for a wide range of automation tasks

Function extension

3rd party manufacturer and SCCM community extend the range of functionality

broad user base

many articles, problem solutions and instructions lead to self-help

Cloud Management

SCCM offers full cloud capability

Microsoft Intune

... is a cloud-based enterprise mobility service that supports employee productivity while protecting your enterprise data. With Intune, you can manage mobile devices that your employees use to access corporate data. Essential to this is managing the mobile apps your employees use and protecting corporate information by controlling how your employees access and share it. Always make sure devices and apps are compatible with your organization's security needs.

 

Functional Range

Intune device management works using the protocols or APIs available in the mobile operating systems. It includes tasks such as:

  • registering devices in management so that your IT department has an inventory of devices accessing enterprise services
  • configure devices to ensure they meet the company's security and integrity standards
  • provision of certificates and WLAN/VPN profiles for access to corporate services
  • measure device compatibility against corporate standards, including reporting
  • remove enterprise data from managed devices
  • assign mobile apps to employees
  • configure apps with default settings that will be used when the app runs.
  • control how enterprise data is used and shared in mobile apps
  • remove enterprise data from mobile apps
  • updating Apps
  • reports about the mobile app inventory
  • track usage of mobile apps

App Security is a component of App Management.

  • An awareness of keeping personal information separate from corporate IT.
  • A restriction on what users can do with company information, such as copy, cut and paste, save, and view.
  • Remove enterprise data from mobile apps, also known as selective resetting or resetting of enterprise data.

Windows 10 devices can be managed as mobile devices within the Intune solution.

Comprehensive approach

Manage PCs, servers and mobile devices all from a single management console

Microsoft's solution has its roots in the System Center and combines it with Microsoft Intune (co-management) to provide organizations with a comprehensive, cross-platform, user-centric way to deploy applications and manage user devices, whether they are enterprise-wide networked or cloud-based devices.