Microsoft Endpoint Manager: Configuring Devices with Microsoft Intune

Intune Overview

Intune is the component of Enterprise Mobility + Security (EMS) that manages Windows 10/11 systems, mobile devices and apps. It integrates closely with other EMS components like Azure Active Directory (Azure AD) for identity and access control and Azure Information Protection for data protection.

• Microsoft Endpoint Manager
• Intune Overview
• Intune Subscriptions
• Mobile Device Management (MDM)
• Mobile App Management (MAM)
• Azure Active Directory
• Role-Based Administrative Control (RBAC)
• LAB: Intune Overview

Device Enrollment

Intune lets you manage your workforce’s devices and apps and how they access your company data. To use this mobile device management (MDM), the devices must first be enrolled in the Intune service. When a device is enrolled, it is issued an MDM certificate. This certificate is used to communicate with the Intune service.

• Device Enrollment
• Device Management Capabilities
• Enrollment Options
• Windows Enrollment
• Android Enrollment
• iOS Enrollment
• LAB: Device Enrollment

Device Configuration

Use device configuration profiles to manage and control a whole range of different features and functionality on devices.

• Configure Device Profiles
• Configure Device Features
• Configure Device Restrictions
• Configure Settings: Email, VPN, Wi-Fi
• Administrative Templates
• Upgrade Editions
• LAB: Device Configuration

Cloud Security Overview

Security matters. Every company is faced with several kinds of attacks and must implement different tools to protect themselves.

• Threat Landscape
• Common Threats and Attack Types
• The Defender's Dilemma
• Identity and Access Management
• Threat Protection
• Security Management
• Information Protection

App Management

As an IT admin, you are responsible for making sure that your end users have access to the apps they need to do their work. This can be a challenge because there are a wide range of device platforms and app types. Moreover, you might need to manage apps on both company devices and user's own devices, while ensuring your network and your data remain secure.

• App Lifecycle
• Add apps to Intune: Store Apps - Office 365 - Web Apps - LOB Apps - Win32 Apps - PowerShell Scripts
• Monitor Apps
• App Configuration Policies
• LAB: App Management

Device and App Protection

Policies can be created to define whether devices are compliant, to configure conditional access or to protect app and device data.

• Device Compliance Policies
• App Protection Policies
• Windows Information Protection
• Conditional Access
• LAB: Device and App Protection

Securing Your Cloud Identities

The first thing you should protect are your identities. Especially in a cloud infrastructure, this should be your number one priority. Azure Active Directory provides a lot of security related features to control access to your environment.

• Multi-Factor Authentication
• Privileged Identity Management
• Identity Protection
• LAB: Securing Your Identities

Endpoint Protection

Endpoint Protection provides real-time protection against malware threats, keeps malware definitions up-to date, and automatically scans computers. Endpoint Protection also provides tools that help you to manage and monitor malware attacks.

• Endpoint Protection
• Microsoft Defender for Endpoint
• Integration between Intune and Defender for Endpoint
• Enforce Compliance with Conditional Access
• Remediate Vulnerabilities
• LAB: Endpoint Protection

Microsoft Defender for Endpoint

Devices can get compromised because of missing updates or vulnerabilities in applications. Microsoft Defender for Endpoint provides you with an inventory and gives you recommendations to make your environment more secure. This service also detects suspicious activities and alerts you about possible attacks.

• Protect Your Devices
• Onboarding Devices
• Endpoint Detection and Response
• Threat and Vulnerability Management
• Secure Score for Devices
• LAB: Microsoft Defender for Endpoint

Detect and Stop attacks with Microsoft 365 Defender

So many different tools that collect so much information. You may be flooded with information. Microsoft 365 Defender brings it all together. It gives you better insights in attacks by showing you the devices, identities and apps that were involved. You can hunt for threats and be proactive, making sure the attacker doesn't stand a chance.

• Protect Your Environment
• Onboard Security Services
• Attack Investigation
• Threat Hunting
• LAB: Microsoft 365 Defender