Intune portal

- [Instructor] Microsoft Intune is a cloud-based device manager. Notice how I said device, whereas Entra ID is more about users and groups and things like that, where Intune is more about devices. Although you can't manage devices without users, so there is some integration. Let's take a look at the dashboard. The dashboard is going to tell us what's going on with Intune. When we have added in devices into the Intune Admin Center, it tells us whether or not those devices are okay. So this is a great dashboard with various different gadgets that tells us how things are going. I have yet to add any devices in, but when I do, you'll be able to see that information here. If I go to All Services, you can see a lot of integration into managing our devices. Managing devices is also called MDM, or Mobile Device Management; whereas managing applications is MAM, or Mobile Application Management. However, even with MDM, you're going to see apps because you need to install those apps onto your devices. Along with applications, you're also going to see security. So if I click on Security, you can see the Endpoint Security that comes with Intune. Here we can add in antivirus management, disc encryption, firewall management, and many other options. I'm going to go back to where it says All Services, and you can see a lot of the things that show up under General are also showing up on the left-hand side. So I can click on Devices, for instance, and here I can see All Devices. I can monitor those devices. You can even separate by platform. So here we have Windows devices. You also have iOS, macOS, Android, ChromeOS, and Linux. So it covers all the most popular operating systems today. If I scroll down, you can see Enroll Devices. And here's the area where you can take a look at different ways you can get devices to enroll. Under Windows Enrollment, we can set up Automatic Enrollment, we can set up Enrollment Notifications and many other options. This also works with Configuration Manager, which is an on-premises application that you can install on a Windows server. And you can co-manage your Windows devices and other devices between applications on Configuration Manager and applications in the cloud in Intune. I'm going to click on Apps next. And if I click on All Apps and then click Add, you can now take a look at the different applications in the various stores. So for instance, there's the Android store, there's the iOS store, et cetera, even the Microsoft Store. And you see both new and legacy Microsoft stores in there. And it includes Google Play and Windows 10 and, later, macOS. Various different options that you can filter down into specific types of operating systems, as well as versions. I'm going to click on the Microsoft Store and then click Select. Next, I'll click on Search the Store. And one thing we use a lot of are PDFs, so I'm going to type in PDF. Let's see all the different applications in the Microsoft Store. Here you can see various different applications that you can use for your devices that are enrolled with the Intune Admin Center. So if we choose a particular PDF, I'll just choose this one here randomly, click Select, now we can see the name, the description, who publishes it, as well as the installation type. And you also see this option for the Company Portal. The Company Portal is a special portal app that's going to be allowed to install applications for users when they access it. It can be customized for your organization. You can also choose a primary URL that users can install this from. And you can create an information URL, which can tell users in your organization about why they would want to use it. Click Next. And now we can choose Assignments. Here we can choose to require specific people to get this particular application, as well as the enrolled devices. So there's lots of different ways that we can install applications. We can either enforce the application installations or we can just make it optional. Next, we'll check out Endpoint Security. Of course, all Windows computers come with Defender on it. However, you can manage Defender from this particular location if you'd like, using this console. So I'll click on Manage Antivirus. And you can create policies that you can push out to user devices. So first off, you've got the option for Windows 10 and 11, as well as Windows Server, but it also allows you to manage for other operating systems that you see here as well. Now, I can choose a profile. Let's choose Defender Antivirus, for instance, and click Create. Now we can give it a name. I'll call it Default AV. Click Next. And now we can choose to configure. Here we have a lot of the same options that you have on your Windows 10 and 11 and Server devices already, such as whether or not to allow archive scanning, as well as behavior monitoring, cloud protection, things like that. I'm going to cancel out and I'm going to go to where it says Users. All the users you see here are the same users that show up in Entra ID. There's a synchronization between all the different admin consoles. Where you're going to affect any user in one console, you're going to affect those users in others as well. So for instance, I'll just click on Jennifer, and you can see all the same types of options that you'd see if you were in Entra ID. And as I mentioned earlier, even though this is really a device management center, you cannot get away from the fact that it also affects users that log into those devices, and that's because you never know who's going to log into each device. Today a device may be owned by one user, but tomorrow it might be owned by another because they've been replaced. You also see the option for Groups, which gives us the same groups that you would see in Entra ID. And then we have the option for Tenant Administration. Tenants in Azure are a way that we can separate various different clients or businesses. Let's say that you own multiple different companies and you need to manage each of these tenants separately because there has to be a separation for tax purposes or legal purposes. You might also be a managed service provider that has many different clients, and each client could be a tenant in your organization where the one tenant cannot affect anyone else in the other tenants. And you can add and manage additional tenants in the Entra ID Admin Center. Microsoft Intune is a subscriber-based licensed product that can be applied in the admin.microsoft.com console. From there, you can add Windows and other operating system devices in the Intune Admin Center, where these devices can be managed according to your organization's policies.