top of page
  • Writer's pictureChris Hudson

[Video] The Intune Suite - An overview of the add-on & its features

In this video, we'll be taking a high-level look into the Intune Suite add-on and license type, as of late 2023, specifically focusing on what the service actually is, what each of the included features offers, and how you can procure the solution and the components within.

What is the Intune Suite? The Intune Suite is a bundle of multiple advanced device management capabilities, each offering a sophisticated solution for further managing and securing your endpoints, above & beyond what's already included within the existing and standard Intune Plan 1 offering.







📈Advanced Endpoint Analytics builds upon the basic analytic offering which arrives with Intune Plan 1. This basic offering provides foundational reporting capabilities around startup performance & startup times for your endpoints, provides statistics around the reliability of installed applications, and gauges the device's potential to work from anywhere. Advanced Endpoint Analytics introduces additional components such as Anomalies, Device Scopes, and Device Timelines.

📊Intune Advanced Analytics further builds upon Advanced Endpoint Analytics by introducing access to near-real-time data, as well as incorporating further useful metrics such as visibility into hardware health, such as batteries. Near-real-time access to data is facilitated by the ability to directly query a device using KQL (Kusto Query) which is a natural language method of querying. Using device query, you can efficiently and seamlessly gain access to useful information such as Performance statistics, configuration, hardware specifications, software information, registry keys, and network information.

🔒Endpoint Privilege Management enables organisations to empower users to operate as standard users on their endpoints, but also elevate as local administrators as and when required, but only for apps & services an administrator has defined. This replaces the need to grant power users explicit and device-wide local administrator permissions to their endpoints, as we can now grant elevation capabilities at a more granular level. This concept embraces and supports a zero-trust approach.

✈️Firmware Over the Air Update provides a comprehensive software update capability for those Android endpoints that don't support the basic over-the-air update controls offered within the device restrictions policy for Android Enterprise, or those devices that require a more granular approach. The types of patches available include software updates, security patches, and feature updates. FOTA integrates with third-party services such as Zebra LifeGuard and Samsung Knox to offer a more efficient and convenient method of deploying updates to these Android devices.

📱Tunnel for MAM builds on top of the Microsoft Tunnel VPN Gateway solution which is commonly adopted for corporate mobile devices, by providing a similar solution for personally owned / BYOD mobile devices such as Android & Apple endpoints. If you have on-premises resources that personal devices require access to, such as line-of-business web applications, this may be the solution for you. Much like MAM Application Protection Policies, this solution protects user privacy whilst not compromising on security.

🧑‍💻Remote help offers a cloud-first approach to secure remote access to end-user endpoints, such as for service desk engineers. The solution fully supports role-based access control so you can determine which users have certain levels of access (View / Elevate / Full Control) to which devices. The solution works by both parties, the initiator and recipient, creating a trust via Entra ID once their identities have been authenticated and verified. The solution can also integrate with Conditional Access and can support grant controls such as endpoint compliance and location.

🤖Specialised Device Management further expands the device management, protection, and configuration capabilities beyond standard Android/Apple mobile devices such as phones & tablets to more specialised and purpose-built devices such as AR/VR headsets, like HTC, Hololens, and Meta Quest products. Specialised Device Management also supports unattended devices such as printers and meeting room hubs, including Microsoft Surface Hubs.

💻Enterprise Application Management hugely simplifies the packaging and deployment process for applications, but also provides a much-needed & seamless solution to cater for the ongoing requirement to update these applications thereafter - And yes, we're also talking about third-party applications here too.

☁️Cloud PKI offers a cloud-first approach to Public Key Infrastructure and certificate deployment and management. As we know, its predecessor, the on-premises Certificate Authority, can be hugely complex and time-consuming to maintain, not to mention its reliance on infrastructure, which is costly and needs to be patched frequently. You can configure a PKI environment within minutes using Cloud PKI, rather than weeks.



bottom of page