Intune builds on a strategy to take Microsoft products and cloud enable them. Intune is for customers who have not deployed Systems Center onsite and is only licensed for desktop management at this time. Intune allows you to avoid costs and complexity by NOT implementing on-premise management. The target audience for Microsoft Intune is the mid market customer.
Intune is available through the Microsoft Business Online Services. If you subscribe to the service you will be able to deploy the latest version of Microsoft's desktop operating system to help standardize the user environment. Subscribers also will get access to MDOP and all its tools (i.e. diagnostic and recovery tool kit for image and password recovery). It is recommended that you configure the following as part of the initial enrollment.
- Product Update Classifications
- Setup Auto approval for patching
- Setup the Agent policy
- Setup Alerts and notifications
Communication is secured through certificates; one for the initial setup and then one per desktop for ongoing management. Intune has been tested on Windows 7, Vista and XP running the latest service pack. For alerting the SCOM management agents are used. These management packs have been tweaked to be less chatty across the WAN.
The console has been intentionally simplified to provide a fairly straight forward operational console. The team that developed Intune worked internally on the Windows Systems Update Server (WSUS) so similar capabilities, concepts and simplicity in setup is apparent when browsing the interface. The console was designed with “surfability” in mind.
Intune will track license compliance and alert on license issues. You can import licensing agreement information to cross reference license compliance. The team expects to have asset tracking in the final release so that hardware and software inventory is available.
In the initial release there is no concept of delegation; all users are essentially administrators. Desktop policies are available and can be configured and deployed to the desktops. The policies are limited in the first release but focus has been put on the most critical settings. The application of policies has been intentionally simplified through the use of templates and wizards. You have the flexibility of enforcing local or domain policies depending on whether the desktops participate in AD.
One of the interesting features is the ability to remote control the machines through the integration of Microsoft Easy Assist. This is end-user driven in the initial service offering meaning the user initiates the request. Due to the integration of system center monitoring you can configure notification rules to send an alert or message for things like an Easy Assist request.
Although Microsoft was intentionally vague about the road map for Intune it is clear that the service is being actively developed to bring new features to market quickly. Demand for the initial Beta preview was so strong that Microsoft closed signup on the day the service was announced.