Endpoint Manager by Microsoft is an On-Premise and Cloud-based Security solution that helps us to provide the modern workspace and management functions to keep our data safe, both in the cloud and on-premises.
Endpoint Manager is for monitoring and configuring mobile devices, desktops, virtual machines, embedded devices, and servers. Since, it’s designed to reduce the time and effort needed to manage desktop and mobile work environments.
What are the services that endpoint manager offer?
Endpoint Manager provides the following services:
- Microsoft Intune
- Configuration Manager
- Desktop Analytics
- Windows Autopilot
- Azure Active Directory (AD)
- Endpoint Manager admin center
1. Microsoft Intune
Microsoft Intune lets you control features and settings on several devices such as Android, Android Enterprise, iOS/iPadOS, macOS, and Windows 10 devices. It also integrates with other services, including Azure Active Directory (AD), mobile threat defenders, ADMX templates, Win32 and custom LOB apps, and more.
We use Intune to create and check for compliance, and deploy apps, features, and settings to your devices using the cloud.
2. Configuration Manager
Basically, Configuration Manager is an on-premises management solution to manage desktops, servers, and laptops that are on your network or based on internet. You can cloud-enable it to integrate with Intune, Azure Active Directory (AD), Microsoft Defender for Endpoint, and other cloud services.
We can use configuration manager to deploy apps, software updates, and operating systems. You can also monitor compliance, query and act on clients in real time, and much more.
Co-management is used to combine your existing on-premises configuration manager investment with the cloud using Intune and other Microsoft 365 cloud services.
4. Desktop Analytics
Desktop Analytics is a cloud-based service that integrates with Configuration Manager. It provides insight and intelligence for you to make more informed decisions about the update readiness of your Windows clients.
It’s service combines data from your organization with data aggregated from millions of devices connected to the Microsoft cloud. It also provides information on security updates, apps and devices in your organization, and identifies compatibility issues with apps and drivers as well.
5. Windows Autopilot
Windows Autopilot sets up and pre-configures new devices, prepare them ready for use. Well, it’s designed to simplify the life-cycle of Windows devices, for both IT and end users, from initial deployment through end of life. You can also integrate Autopilot with Configuration Manager and co-management for more complex device configurations.
6. Azure Active Directory (AD)
Azure AD is used by Endpoint Manager for identity of devices, users, groups, and multi factor authentication purposes (MFA).
You can use Azure AD Premium, it may be cost additionally and it has extra features to help protect devices, apps, and data, including dynamic groups, auto enrollment, and conditional access.
7. Endpoint Manager admin center
The admin center is a one stop web site to create policies and manage your devices. It plugs-in other key device management services, including groups, security, conditional access, and reporting. This admin center also shows devices managed by Configuration Manager and Intune.