- Microsoft Intune
- August 5, 2022
Choosing mobile device management (MDM) and mobile application management (MAM) solutions for your company can be challenging. With ‘bring your own device’ (BYOD) on the rise, MDM plays a crucial role in controlling corporate data on devices by configuring accessibility policies and data security. Here, the eternal dilemma arises: Should you go with Microsoft System Center Configuration Manager ConfigMgr (SCCM) or Microsoft Intune? Both solutions are parts of Microsoft Endpoint Manager – a single, integrated platform for managing all the endpoints in the organization.
Intune is a cloud-based solution that allows you to manage company-owned and personal devices, while SCCM is a more traditional on-premises solution. Let’s look at both solutions, evaluating their pros and cons.
What is SCCM / ConfigMgr?
According to Microsoft, “SCCM is an on-premises solution to manage desktops, servers, and laptops that are on your network or internet-based.” Originally released in 1994, now part of Microsoft Endpoint Manager (MEM), it focuses on managing Windows devices across the enterprise (300+ devices).
SCCM’s functionality includes:
- OS and applications deployment
- Patch management
- Remote control
- Compliance management
- Integration with Microsoft 365 (co-management)
- Endpoint security (by managing the Windows Defender suite) etc.
SCCM Pros:
- Perfect for complicated application installations
- Ideal for large companies with complex IT infrastructure
- Fixed-price with unlimited usage
- Operating System Deployment
- Various patch management features.
SCCM Cons:
- Configuring and maintaining SCCM can be intimidating for staff. Without proper experience, it might be more trouble than it’s worth.
- As the setup process is on-premises, it isn’t easy for large companies to update software without cloud integration via Cloud Management Gateway (CMG).
- Limited support of non-Windows devices (Linux, macOS) due to cross-compatibility issues.
- Partial support of third-party applications and patch deployment can be confusing and time-consuming.
- SCCM can bring about more costs compared with Intune. Maintenance and operational costs are high because SCCM requires SQL servers to run.
What is Microsoft Intune?
Microsoft identifies Intune as a “cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM).” Being a cloud-based application, Intune has a simpler architecture than SCCM because it does not require on-premises infrastructure to operate. One of the main aims of Intune is to create a secure work environment by controlling device usage and designing customized access policies for devices, including BYODs. Intune can separate corporate data from employees’ personal data on BYODs, which is convenient as they will no longer need several devices. Moreover, with Intune, it’s easy to make sure that all devices are compliant with enterprise requirements.
Intune’s additional features are:
- Application deployment.
- Patch management (via Microsoft Update for Business).
- Control of Windows Defender Antivirus.
- Compliance management.
- Reporting.
Intune Pros:
- Cloud-based service: Device enrollment, management, and control, all managed via a centralized online portal, with no physical servers needed.
- Perfect for smaller application installations.
- Mobile device management.
- Security management.
- Policies to manage the company’s security settings (Conditional access).
- Auto-provisioning of systems (Windows Autopilot).
- Integration with other features from the Enterprise & Mobility Suite.
Intune Cons:
- No support of server-side applications.
- Not intended for large applications.
- Paid subscription model: The fee depends on the volume of used data; for this reason, it’s challenging to plan operational costs.
- No OS updates for non-Windows devices.
- Despite the availability of wipe and retire commands, it’s impossible to track the device.
- Fixed dashboard with no possibility to customize.
SCCM vs. Intune – Overview
| Feature | SCCM | Microsoft Intune |
| Positioning | On-prem | Cloud |
| Costs | Subscription | Subscription (price depends on the used data) |
| Software updates | Supports updates, patches, and software | Supports updates, patches, and software |
| Servers | Servers required | No physical server is needed – requires Internet access |
| Remote features | VPN, Wi-Fi | Remote deployment |
Summary
Microsoft Intune and System Center Configuration Manager offer various features, but it’s up to you to decide which best suits your business. Intune is a cloud-based solution accessible anywhere, making it perfect for remote workers. As a result of the ongoing COVID-19 pandemic, employees are working outside of protected corporate networks, using their own devices, and thanks to Intune, corporate data is safeguarded. Furthermore, Intune supports limited monitoring and managing of non-Windows systems. SCCM is a potent tool that can manage a variety of endpoints and has rich functionality. However, it can be complicated to work with and expensive.
Related posts
Why patch management is important for MSPs
As the world becomes more and more digitized, the importance of patch management grows. Patch management is the process of identifying, acquiring, installing, and verifying
Read More »
Moving your application management from ConfigMgr to Microsoft Intune
As organisations move more and more of their workload to the cloud, it becomes increasingly important to have a cloud-based application management solution. ConfigMgr is
Read More »
How Unpatched Software Affects Your Business
In today’s business world, companies are increasingly reliant on third-party applications to help them run their operations and the importance of keeping software up to
Read More »
