Microsoft Intune and Co-Management

For anyone interested in managing Windows 10 and other devices by using both Configuration Manager (SCCM) and Microsoft Intune.

What is co-management and how does it work?

Co-management is a bridge between traditional and modern endpoint management that enables admins to manage Windows 10 and other devices by using both Configuration Manager (SCCM) and Microsoft Intune. Admins can also take advantage of the robustness in managing SCCM legacy devices and enjoy the flexibility of Intune.

Important note: the admin is the one controlling the workloads that should be switched from Configuration Manager to Intune, but configuration Manager will continue managing all other workloads and other features of Configuration Manager that co-management doesn’t support.

The admin can also pilot a workload with a separate collection of devices. Piloting gives the opportunity to test the Intune functionality with a subset of devices before switching to a larger group.

As mentioned above, one of the advantages of co-management is the flexibility to use the technology that works best for your organization. Find more detailed information in this Microsoft blog here.

SCCM and Microsoft Intune features

General features for SCCM and Intune

Implementation prerequisites

* optional components
Microsoft Intune Architecture

For your reference, this diagram showcases how Microsoft Intune along with Co-management enables your connection to the Microsoft 365 Cloud. This scheme can be put into practice, if your business already has SCCM infrastructure. 

Some customer use cases

Thanks to these features, we’ve been able to work with customers from different industries to support their specific co-management challenges and needs. Below are some examples: 

1. Allowing access only to devices aligned with the security policy

In the healthcare sector, some of our clients have collaborators that work remotely, so managing the deployment of monthly patches and evaluating security baselines are essential for the company.

At VNEXT iQ, we were able to implement Co-management to help the organizations restrict access to Office 365 resources to those devices that didn’t have the previous month’s patches or any other security elements such as updated Antivirus client and Disk encryption.

In addition to this, we’ve been doing an evaluation of very specific parameters by using SCCM, and later on implementing self-remediation recommendations provided by SCCM.

Once all these elements were verified together with the compliance measurement by Intune, the objective of providing access to devices up to date on security patches was achieved.

2. Application Deployment

Another recent case that we can share is related to an organization that was having difficulties with deploying applications. The main reason behind was the enormous number of devices being not placed on the corporate network.

The Co-management was introduced, so the customer could stabilize this process, since it was able to identify those remote devices. For this scenario, Intune enabled the deployment of required actions for internal devices. 

To sum up, Microsoft Intune and Co-management have become a valuable solution for all the enterprises operating with multiple devices. 

Our consultants have been constantly implementing Microsoft Intune and Co-management for customers from diverse industries, so reach out to VNEXT experts here to support you with your specific needs.