Share This Post

Comparing the Two Modes of Microsoft Intune

cloud-computer2Microsoft Intune is Microsoft’s cloud based device management solution. It can be deployed in one of two modes depending upon the exact requirements of an organization: stand-alone and hybrid.

Before going into the comparison of these two modes, I need to clarify a couple of terms.

Device: Any multi-purpose computer used by a user to run apps or applications and access data. This includes handheld devices like smart-phones as well as tablets, desktops, laptops, and even servers. Ultimately, who cares if the device is mobile, fixed, or in the cloud — they all still need to be managed.

Intune Deployment: Intune is a cloud based-service and nothing needs to be manually deployed to use it. You simply request a tenant to be created for you and it magically appears in the Microsoft cloud ready for your use. Integration with Microsoft System Center Configuration Manager (ConfigMgr1) involves one additional step of setting up a connector but no additional infrastructure is required for this necessarily.

The below table summarizes the capabilities (and limitations) of Intune in stand-alone mode or Intune combined with ConfigMgr. Not listed in the table are the great features that Microsoft added to Intune in November and December of last year (2014) or February of this year (2015). These newly added features, for the time being, are exclusive to Intune stand-alone. They will eventually make their way to ConfigMgr (although *probably* not until the next version due out around the time that Windows 10 is released).

Both solutions have their place in the Microsoft device management ecosystem, but without knowing these differences, it can be difficult to choose between the two. Note that this is a bit of a moving target so things will change. Microsoft is committed to providing both solutions though and sees a place for both so neither is a dead-end thus use the following table as a first-step guide for comparing Intune stand-alone to hybrid.

So which do I recommend? Generally, I recommend hybrid because of the robust, on premises Windows management capabilities that come with it. This does come at the cost of complexity and additional administrative overhead though. If you’re a smaller organization and/or don’t need the robust capabilities covered by ConfigMgr and/or want the (currently) better mobile device capabilities of stand-alone Intune, then stand-alone Intune is a great choice.

Stand-alone Hybrid
Unified administration with ConfigMgr No Yes
Supported Devices iOS 6.0+, Android 4.0+, Windows Workstations, Windows RT, Windows Phone 8.0+ iOS 6.0+, Android 4.0+, Windows Workstations and Servers, Windows RT, Windows Phone 8.0+, Linux Servers, Mac OSX2
Maximum managed device count 50,000 with mobile devices only, 7,000 with mixed mobile devices and PCs (using the Intune client agent) 50,000 with a shared ConfigMgr primary site, 100,000 with a dedicated ConfigMgr primary site
On-premises infrastructure required No Yes
Extensible and customizable (inventory, reporting, third-party) No Yes
Simple web Console accessible from anywhere Yes No
Requires client connectivity to the Internet Yes No
Integrated Operating System Deployment3 No Yes
Retire and wipe devices Yes Yes
Full-featured app deployment Yes (for mobile devices), kind of (for Windows devices)4 Yes
Software Updates5 Yes (for Windows devices) Yes (for Windows devices)
Endpoint Protection Yes (for Windows devices) Yes (for Windows devices)
App-V Integration No Yes (for Windows devices)
Software Metering No Yes (for Windows devices)
Rapid updates to features and capabilities with no upgrades required Yes In ConfigMgr 2012 R2, kind of (via Intune extensions)6

1 Yes, ConfigMgr and not SCCM or SCCM.
2 Please do not call this OS “ecks”, it is OS “10”. It is a Roman numeral, not some weird reference to the X-Men. Apple’s previous Macintosh OS was named … OS9. And the one before that was … surprise … OS8 … and so on. Thus, don’t be a heathen and call it OS “ecks”.
3 Operating System Deployment can be naively thought of as “OS imaging”. It is ultimately so much more than simply deploying an image though. Don’t be naïve: stop calling it “imaging”.
4 While application deployment is certainly supported and works in stand-alone Intune, it is a simple fire-and-forget method at best without any ability to use scripts or perform any complex processing.
5 Software Updates is sometimes referred to as “patching”. Patching sounds like a word uttered by a caveman though so I prefer Software Updates.
6 Feature set parity as well as the ability to rapidly add capabilities is expected in the next version of ConfigMgr.

The post Comparing the Two Modes of Microsoft Intune appeared first on ConfigMgrFTW!.

Share This Post

Technology has been my life for over 15 years; for work and play, at the office and at home. My experiences run the gamut: programming, networking, system administration, Windows, Linux, Oracle. I am currently employed by Microsoft ISV partner and have held various other IT positions. I am a contributing author the book System Center Configuration Manager Unleashed 2007, am an active Microsoft MVP in ConfigMgr, and have spoken at both MMS and TechEd North America multiple times.

Leave a Reply