Introduction to Microsoft Intune
Microsoft Intune ConsultantsMicrosoft Intune complements System Center Configuration Manager (SCCM) by offering device and application management for Internet-facing mobile computers that are not domain joined to the corporate network. Microsoft Intune provides Cloud-based Mobile Device Management (MDM), conditional access, fine-grained policy configuration, and Mobile Application Management (MAM) capabilities. Intune also integrates with SCCM to provide single-console management that extends your SCCM infrastructure across devices on-premises and in the Cloud. Microsoft Intune was initially available on a per-user (not per-device) subscription basis either as a stand-alone service or as a component of Microsoft's Enterprise Mobility Suite (EMS), which also includes Microsoft Azure Active Directory Premium and Microsoft Azure Rights Management. Intune was later added to Microsoft's Azure-based Endpoint Manager service along with Configuration Manager. (Learn about Progent's Microsoft Azure planning and cloud integration consulting services.)

SCCM pushes an agent utility to client devices, which rely on traditional techniques such as VPN tunneling, reverse proxy servers, or ADFS servers placed behind the corporate firewall to position remote devices functionally within the protected perimeter. Microsoft Intune can support mobile devices that will not accept an agent, such as Apple iPhones and iPads, and that are not domain joined but simply connect through the Cloud. Because Microsoft Intune takes advantage of the Cloud-based infrastructure of Microsoft Azure Active Directory, IT managers can provide the convenience of single-sign-on for users with multiple devices and protect corporate resources by requiring enrolled devices to comply with a consistent set of policies. Authorized users can register, enroll, and manage their devices and install corporate applications from a web-accessible self-service Company Portal. Microsoft Intune supports current versions of Windows, Windows Phone, iOS, and Android, but does not support BlackBerries.

Microsoft Intune is evolving continually and therefore its appropriateness for different environments and usage scenarios can improve over time. Progent's Microsoft-certified consultants can help your organization understand the business case for adopting Microsoft Intune for managing some or all of your mobile devices and can help you set up pilot tests to evaluate the benefits of Intune for your environment. Progent can provide full project management services or as-needed consulting to help you migrate to Intune from your current MDM solution or integrate Intune with System Center Configuration Manager for a unified, enterprise-class device management solution. Progent can also help you utilize Intune to enhance the built-in management capabilities of Office 365 applications, integrate Intune with Exchange ActiveSync, and review your policies to ensure they are consistent with industry best practices and regulatory compliance.

Capabilities of Microsoft Intune
Microsoft Intune builds on the basic MDM capabilities incorporated into Office 365 and enhances these with extended MDM features plus Mobile Application Management and PC Management to offer a comprehensive solution for managing enterprise mobility. Major capabilities of Microsoft Intune include:

Mobile Device Management (MDM)
The challenge for a modern MDM system is to protect corporate resources and meet compliance requirements while creating an easy-to-manage environment that maximizes the productivity of users who may each work with multiple mobile computing devices (laptops, smart phones, tablets) which in turn may be powered by a variety of operating systems (Windows, iOS, Android, Linux). Microsoft Intune offers a solution to this problem by providing a full-featured set of MDM capabilities.

  • Self-service Company Portal
    You can set up a custom Intune Company Portal to provide a self-service solution for users to enroll their own mobile devices, find company apps to install, and see other devices they have added. Required apps can be pushed from the Company Portal directly to enrolled devices. By enrolling in the Company Portal, users also give administrators permission to manage their device.
  • Simple Deployment of Connectivity Profiles and Certificates
    Intune's resource access profiles allow you to pre-configure mobile devices with the connectivity settings they need for email and for Wi-Fi or VPN access to company files. This eliminates the need for end users to configure VPN and Wi-Fi settings on their own for every device they enroll with Intune. You can also automatically deploy certificates to enrolled devices to help secure these connections.
  • Comprehensive Policy Management
    Intune offers a rich set of configuration policies for managing mobile devices, providing significantly more granularity and control than is available through the MDM features included with Office 365. Examples of these configuration policies include enabling/disabling cameras or Bluetooth, defining password length and strength, requiring data encryption, and a kiosk mode that allows you to limit a device to running a certain application or disabling a device's power and volume buttons. When you need policies that are not included, Intune allows you to configure OMA-URI settings to create custom policies or, for iOS devices, you can import settings you exported from the Apple Configurator Tool.
  • Conditional Access
    Intune's conditional access feature allows you to define security criteria for restricting access to corporate resources such as Exchange email, Outlook email, OneDrive, or SharePoint Online. For example, you can deny access to a resource if a mobile device is unenrolled, out of compliance, or has been jailbroken or rooted (i.e., has unauthorized modifications in its operating system).
  • Bulk Enrollment for Apple iPhones and iPads
    Once you acquire an Apple Push Notification service (APNs) certificate for an iOS device, Intune allows you to enroll corporate-owned iPads and iPhones in bulk by using Apple Configurator. You can also simplify the enrollment of iOS devices bought directly from Apple by using the Device Enrollment Program (DEP), which supports hands-free setup and also allows Intune to perform Enrollment Profile uploads to Apple and to assign devices to those profiles.
  • Lockdown Policy Enforcement
    Intune can enforce strict lock-down policies for Supervised iOS devices, Android devices in Kiosk Mode, and Windows Phone devices using Assigned Access.
Mobile Application Management (MAM)
Mobile Application Management (MAM) involves imposing policies on certain functions of specific applications so that corporate compliance and security policies are not unintentionally or intentionally compromised by mobile users. Examples of modified functionality within a managed application are restrictions on cut and paste, saving files, or requiring that an app open hyperlinks only within a managed web browser. Microsoft Intune supports a growing array of MAM features for Windows, IOS, and Android-based mobile devices.
  • Office 365 In-built Mobile Application Management
    You can modify the functionality of Office 365 apps (for example, preventing Save As or requiring encryption) for Windows, iOS, and Android devices to protect against leaks of company data and to assure adherence to your organization's compliance and security policies.
  • Intune App Wrapping Tool
    You can apply your policies to your existing line-of-business applications that do not have built-in support for Intune application management by using the Intune App Wrapping Tool. This avoids having to recode your LOB applications.
  • Secure Content Viewing
    Users can view managed application content in compliance with your Intune policies by using Intune's managed web browser, PDF Viewer, AV Player, or Image Viewer.
  • Selective Wipe
    Administrators and device users can safeguard corporate data without erasing personal information via selective wipe of managed applications and associated data in cases where a device is retired, non-compliant, or missing. Intune also offers full wipe, remote lock, and passcode reset capabilities.
  • Streamlined App Deployment
    Administrators can automatically push selected apps to a managed device during enrollment, and authorized users can install corporate apps from Intune's self-service Company Portal. Administrators can also assign apps to be automatically uninstalled.
  • Access Control
    You can prevent specified apps or web sites from being accessed on managed mobile devices. Intune's managed web browser lets you create allow/block lists to control which web sites users can access.

    Microsoft Intune Planning and Support Consultants

    Microsoft Intune supports unified Mobile Device Management (MDM), Mobile Application Management (MAM), and PC Management
PC Management
For computers that are not enrolled with Intune as mobile devices, Intune provides client software that runs on the PC. (Windows 11 and Windows 10 PCs can be managed using the Intune client or they can be enrolled as mobile devices.) Once the Intune agent is installed, the client PC supports a variety of centralized management functions such as application management, Endpoint Protection, hardware and software inventory, software updates, and reporting about compliance settings. Intune PC management capabilities include:
  • System Center 2016 Configuration Manager and SCCM 2012 Integration
    You can integrate your current System Center Configuration Manager infrastructure with Intune to create a hybrid on-premises and Cloud-based management solution for PCs, Macs, and Unix/Linux servers along with most mobile devices, all controlled from a single console. (For information about SCCM 2016, refer to Progent's consulting services for System Center 2016 Configuration Manager.)
  • Endpoint Protection
    Intune Endpoint Protection scans files and applications on client PCs for malware threats, checks for suspicious activity patterns, and uses signatures of known vulnerabilities from the Microsoft Malware Protection Center to help detect and block malicious network traffic. Intune Endpoint Protection works in realtime and updates automatically.
  • Hardware and Software Inventory
    You can gather information about hardware configurations and software installed on managed devices in order to create reports, organize computer groups, and plan efficient software deployments.
  • Policy-based Software Deployment and Firewall Configuration
    You can deploy polices to your managed computers that control when and how software updates are installed, and you can review and edit updates prior to deployment. You can also use policies defined by the administrator to configure the Windows Firewall settings on client computers.
  • Remote PC Restart
    You can remotely restart a managed computer or group of computers from the Microsoft Intune administration console.
  • Retire a Computer
    You can retire a computer or a selection of computers by using the administration console. A retired PC is removed from the Intune inventory and the associated license is freed for re-use. Intune's client agent and Endpoint Protection software is removed from the retired device, any policies are removed, and the values that were set by the policy are changed.
How Progent Can Help You with Microsoft Intune
Progent can help your organization determine whether it makes the most sense to set up Intune to manage your mobile devices as a standalone solution, as an extension of System Center Configuration Manager, as part of a Microsoft 365 subscription, or as part of the Microsoft Enterprise Mobility Suite. Progent can also help you design, test, deploy and troubleshoot your Intune management solution. Progent's mobile computing experts can help you integrate Windows, iOS, and Android devices with Intune by providing services that include iPhone and iPad integration and Android phone and tablet consulting. Progent's certified network security consultants can help you make sure your mobile device security policies follow industry best practices and align with your internal policies and with regulatory requirements. Progent's Cisco-certified CCIE network infrastructure consultants can help you optimize your network topology to accommodate your mobile and local workers and support on-premises, multi-site, Cloud-based, or hybrid infrastructures.

Progent can help you migrate efficiently to Microsoft Intune from older MDM platforms and can provide Windows 11 planning and migration consulting and Windows 10 integration expertise to bring your Windows PCs up to date. Progent's Microsoft-certified Windows Server 2022 integration professionals, Windows Server 2019 migration consultants, Windows Server 2016 consultants and Windows Server 2012 R2 experts can help you build a cost-effective server infrastructure that supports modern configuration management solutions. Progent offers comprehensive project management outsourcing or task-based consulting services, and Progent's disaster recovery planning consultants and business continuity experts can help you develop a device management solution that offers enterprise-class availability and recoverability.

Progent's experience providing advanced online consulting can save you time and money in deploying Microsoft Intune. Progent has provided online IT solutions to organizations of all sizes in every state in the U.S. (For a selection of customer testimonials, see Progent's customer testimonials.) Progent also offers onsite consulting in major metropolitan areas throughout the U.S.

For more information about Progent's planning, consulting and troubleshooting support for Microsoft Intune, phone 1-800-993-9400 or visit Contact Progent.

Progent's Consulting Services for Microsoft-based Technology
Progent's Microsoft-certified consultants offer the breadth of expertise to your go-to solution provider for advanced consulting, integration and troubleshooting support for Microsoft products and services. Progent can assist you to plan, test, implement, administer, and remediate IT environments that incorporate Microsoft business products by providing services that include:

If you need immediate online support from a certified network expert, see Progent's Remote Consulting and Technical Support.

Find out more details about Progent's Consulting and Support Services for Microsoft .NET Server Technology.



An index of content::

  • 24-Hour Ransomware Cleanup and Restore Bradford Maze Ransomware Hot Line Leeds
  • 24-Hour San Juan Phobos Ransomware Remediation San Juan, USA San Juan, United States San Juan Phobos Ransomware Removal
  • 24x7x365 Cisco CCIP Network Consulting Full-Time Jobs New York, New York Wall Street ISSAP Engineer Positions
  • Microsoft Intune Onsite Technical Support
  • 24x7x365 Telecommuters Savannah Assistance - VoIP Technology Expertise Savannah Georgia Savannah Offsite Workforce IP Voice Technology Consultants Savannah Georgia
  • Beverly Hills-Hollywood Computer Network Companies Emergency Beverly Hills Network Documentation
  • Support Intune and Windows 10
  • Charlotte/Douglas International Airport CLT, USA Charlotte Maze Ransomware Mitigation Charlotte Hermes Crypto-Ransomware Business Recovery Charlotte North Carolina

  • 24x7 CRISC Certified Risk Monitoring Integration Support
    CRISC Certified Cybersecurity IT Consultant

    Progent's disaster recovery planning and business continuity professionals can show you how to create a disaster recovery plan in case of an IT network catastrophe. Progent can help you define a comprehensive disaster recovery strategy that incorporates periodic disaster recovery assessments and testing. Progent's Microsoft and Cisco-authorized consultants can also help you create an affordable, zero-downtime system solution that takes into account reliability issues covering a wide range of infrastructure technologies and processes.

  • Check Point 5000 Firewalls Security Audit Services Check Point 9000 Quantum Force Firewalls Security Company
  • Colorado Springs Work from Home Employees Cloud Integration Solutions Guidance Colorado Springs, CO, America Colorado Springs Fort Carson, America Work from Home Employees Colorado Springs Consulting - Cloud Integration Technology Consultants
  • Consult Google Cloud GKE Services Google Cloud hybrid cloud integration
  • Consulting Services for Lakeland Computer Support Organizations 24x7 Consulting for Network Service Companies in Lakeland - Seamless Short-Term Support Team Assistance
  • Emergency Augusta-Richmond County Consulting Services for Network Service Firms Augusta, GA Expertise for Network Support Providers near Augusta-Richmond County - Transparent Temporary IT Support Assistance Richmond County

  • Freelance Microsoft Consultant Open Positions
    Contract Network Consultants Subcontractor Job

    If you are an information technology engineer with technical support expertise, joining Progent and helping our customers will expand your skills via interaction with Progent's staff of mutually supportive, world-class consultants. Progent's concentration on providing network expertise and technical help to small and midsize companies will give you the opportunity to consult closely with business leaders and add significantly to the growth of exciting organizations. In addition, Our virtual office environment provides state-of-the-art technology for remote service and wireless access to help you to come up with fast fixes when you take on business-critical problems.

  • Information Technology Outsourcing Company Rancho Cordova 24x7x365 Folsom Contractor

  • Job Opening Compensation for Senior Network Engineer
    Career Opportunities Compensation for Microsoft Consultants

    Progent's compensation model is based on revenue sharing, so just like working as a freelance consultant, your earnings are directly tied to your generated revenue. Some of our consultants focus on quality of life and choose to work at an easy pace, utilizing our flexible schedule to follow individual enthusiasms like mountain biking, motorcycle racing, skiing, surfing, vacations, or spending private time with relatives and friends. Other consultants use the opportunity to make major dollars through hard effort and long hours. Progent fully supports either end of the spectrum and everything in between.

  • Juniper SA4500 SSL VPN Security Organizations Juniper SA2500 SSL VPN Security Evaluation
  • Largest At Home Workers Buffalo Assistance - Connectivity Solutions Consulting Buffalo, NY Buffalo, NY Teleworkers Buffalo Consulting - Support Assistance
  • Manchester Work from Home Employees Collaboration Solutions Consulting Services Manchester Manchester Remote Workforce Collaboration Solutions Consulting and Support Services Manchester, NH
  • Miami, Florida Small Business IT Support Firms Miami Setup Service
  • Open Now ISSAP Certified Cybersecurity Companies Largest Server Security Cybersecurity Consultancies Ottawa
  • Petaluma At Home Workforce VoIP Systems Consulting Experts Sonoma County Telecommuters Consultants nearby Petaluma - IP Voice Systems Guidance
  • Microsoft Intune Migration Consulting Services
  • ProSight Reporting Auvik Network Managemrnt Network Consultant ProSight Reporting Remote Infrastructure Management Professionals
  • Microsoft Enterprise Mobility Suite Setup and Support
  • San Bernardino County San Bernardino Work at Home Employees Set up Guidance Offsite Workforce Consulting near San Bernardino - Integration Solutions Consulting
  • San Diego UCSD NotPetya Ransomware Forensics San Diego-La Jolla, California San Diego UCSD Maze Ransomware Forensics Investigation San Diego
  • San Juan-Caribbean 24x7x365 San Juan Remote Workers Backup Solutions Consulting Experts Top Ranked Telecommuters San Juan Expertise - Backup Systems Consulting Services San Juan
  • Sandy Springs-Cumberland, Georgia Remote Workforce Sandy Springs Consulting Services - Connectivity Solutions Guidance Offsite Workforce Sandy Springs Consulting Services - Connectivity Solutions Consultants Sandy Springs-Kennesaw

  • 24 Hour Remote Workers Cybersecurity IT Consultants
    Online Support Offsite Workforce Security

    Progent can help small and mid-size organizations to install network security protection systems and provide mitigation services required for remote workers.

  • Santa Ana-Costa Mesa Information Technology Consultants BlackBerry Desktop Manager 24x7 BlackBerry Email Troubleshooting Orange County
  • Telecommuters Expertise in Omaha - Cloud Integration Systems Consulting Experts Omaha Nebraska Omaha, Douglas County Teleworkers Omaha Consulting Services - Cloud Technology Assistance
  • Virtual Office Job Microsoft Remote Consultant Los Angeles County, USA Computer Security Consulting Openings Los Angeles County

  • Open Now GIAC Certified Intrusion Analyst (GCIA) Security Consultants
    Checkpoint Certified Systems Associate (CCSA) Assessment

    Progent provides customers access to consultants who have earned some of the computer industry's most prestigious certifications. Progent believes that clients have the right to know that their computer support providers have formal training plus extensive practical backgrounds so that Progent's customers can engage Progent's support with trust. In many cases, vendor credentials such as the CCIE confers priority for substantially better vendor support than is offered to non-certified service providers, allowing Progent to offer customers a better level of computer support. In addition, major credentials such as CISA or ISSAP for IT security can help enterprise customers to show compliance with regulatory demands by using the assistance of recognized IT professionals.


    © 2002-2025 Progent Corporation. All rights reserved.