{"id":43612,"date":"2023-12-18T10:23:36","date_gmt":"2023-12-18T15:23:36","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=43612"},"modified":"2024-08-15T17:11:48","modified_gmt":"2024-08-15T21:11:48","slug":"intune-replace-sccm","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/intune-replace-sccm","title":{"rendered":"Intune vs SCCM: Is Intune the SCCM Replacement?"},"content":{"rendered":"\n
Admins understand the need for mobile device management (MDM)<\/a> to manage access for Android and iOS devices. Cloud services, including Microsoft\u2019s Intune, have grown popular to support modern, heterogeneous environments with those devices, but it\u2019s not uncommon for System Center Configuration Manager (SCCM) to remain in place to manage Windows endpoints. The problem is that Microsoft\u2019s on-premises tools leave IT management gaps.<\/p>\n\n\n\n SCCM has been folded into Microsoft Endpoint Configuration Manager to address those concerns. This change could obligate admins to adopt cloud solutions like Entra ID and Intune to use all of its features. Intune doesn\u2019t provide the same management capabilities as SCCM, and it may seem necessary to consider setting up co-management between those technologies. Configuration Manager is frequently integrated with Intune to manage non-Windows devices. <\/p>\n\n\n\n Microsoft is, in effect, locking customers into a vertically integrated portfolio of cloud-based tools and services. Fortunately, Microsoft shops have other options available to modernize IT for secure single sign-on<\/a> (SSO) and cross-OS device management. Have you been wondering about the relationship between Intune and Configuration Manager? Are you looking for another MDM platform? In this article, we\u2019ll dive into the relationship between Intune and Configuration Manager. We\u2019ll also compare JumpCloud against Microsoft\u2019s prescribed hybrid cloud platform.<\/p>\n\n\n\n Read The Beginner\u2019s Guide to Mobile Device Management<\/a> (MDM).<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n Configuration Manager is Microsoft\u2019s on-prem system management solution. Admins generally pair Configuration Manager with Active Directory to manage fleets of on-prem Windows devices.<\/p>\n\n\n\n With Configuration Manager, admins can manage the deployment, configuration, and level of security enforced over an enterprise\u2019s devices. 
Intune is needed for non-Windows devices.<\/p>\n\n\n\n Configuration Manager also allows admins to protect endpoints with Windows Security, which includes Windows Defender Antivirus, as well as Microsoft Defender for Endpoints. <\/p>\n\n\n\n Other features include:<\/p>\n\n\n\n On its own, Configuration Manager works best for entirely on-prem infrastructures. <\/p>\n\n\n\n Implementing, configuring, and maintaining Configuration Manager is a complex process. Without the proper skills or experience, Configuration Manager can be more trouble to work with than it\u2019s potentially worth. Prerequisites include needing SQL Server for a change management database, SQL Server Reporting Services (SSRS), and a server to run Internet Information Services (IIS). Even Microsoft acknowledges<\/a>, \u201cTo be successful with Configuration Manager in a production environment, thoroughly plan and test the management features.\u201d<\/p>\n\n\n\n Configuration Manager also fails to support a Zero Trust<\/a> security strategy by leaving management gaps and lacking conditional access policies<\/a> for privileged identity management. These gaps may also contribute to IT tool sprawl<\/a> if point solutions are set up as workarounds.<\/p>\n\n\n\n Some important features will require IT admins to integrate it with Microsoft cloud services.<\/p>\n\n\n\n \n <\/p>\n \n Securely connect to any resource using Google Workspace and JumpCloud. <\/p>\n <\/div>\n Intune is Microsoft\u2019s cloud-based mobile device management (MDM)<\/a> solution for Windows, Linux, iOS, and Android devices as well as a mobile application management (MAM) solution. Microsoft sells add-ons that extend its capabilities and integrate Intune with security products.<\/p>\n\n\n\n In recent years, Microsoft has bundled Intune with its user management platform, Entra AD. 
One of the reasons many admins consider Intune is its ability to check devices for compliance prior to them gaining access to Azure-related services such as Office 365. Combining Intune and Entra ID adds identity management capabilities to assign policies and roles to users.<\/p>\n\n\n\n Intune provides centralized endpoint management and application management. It also integrates with Microsoft\u2019s provisioning, data protection, and security products. Entra ID is mandatory to access these services and control access to resources, using Zero Trust security.<\/p>\n\n\n\n It\u2019s not a complete replacement for the system management capabilities many have come to know and depend on with Active Directory and\/or the Microsoft Endpoint Manager. Adopting the cloud-based Endpoint Manager suite extends what it can do, but that creates an extended commitment to use Microsoft products. Entra and Intune are components of a much broader reference architecture<\/a> of tools and services that small and medium-sized enterprises (SMEs) may not be able to deploy without a dedicated external resource. Microsoft suggests using partners to manage its complexity.<\/p>\n\n\n\n Customers have called out faults<\/a> with Intune\u2019s performance, complexity, and licensing. Modern provisioning and remote actions aren\u2019t available unless you\u2019re using Intune.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n Organizations may aspire to migrate to a serverless environment, but the reality is that many line of business apps are dependent on legacy Microsoft infrastructure. Configuration Manager also provides a level of management granularity that Intune can\u2019t match at this time. Those are the underlying reasons why co-management exists, but Microsoft has also sweetened the pot by requiring it to access foundational Zero Trust security capabilities such as conditional access. You can concurrently manage Windows 10+ endpoints when these services are combined. 
Workloads are balanced between the two systems and either remain on premises or migrate.<\/p>\n\n\n\n Management grows even more complex<\/a> when Configuration Manager coexists with other MDM solutions, for example when workloads are automatically deactivated by Microsoft.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n JumpCloud is an open directory platform<\/a> with heterogeneous MDM, IAM, and SSO capabilities. Think of JumpCloud as a consolidated alternative<\/a> to Entra AD, Intune, and Active Directory. The platform provides SSO to your resources with environment-wide multi-factor authentication (MFA) and phishing-resistant authentication<\/a>. Its password manager<\/a> can be used to control access to systems that don\u2019t support SSO. Integrated IAM improves IT efficiency through dynamic groups<\/a> and HRIS integrations, all through a single console. Conditional access is also available as an option.<\/p>\n\n\n\n Note:<\/strong> JumpCloud federates or syncs with other identity providers (IdPs), offering you more choice.<\/p><\/div><\/div><\/div>\n\n\n\n The platform offers unified endpoint management with GPO-like policies<\/a> for Android, Windows, Linux, and macOS platforms so admins can create policies that remotely disable virtual assistants, enforce full-disk encryption (FDE), configure system updates, and more. JumpCloud also includes an app repository to assist with software deployments. Remote Access<\/a> tools are available for remote assistance and background troubleshooting; commands can be executed against devices for remediations. Cross-OS and browser patch management is also optional.<\/p>\n\n\n\n Reporting<\/a> is built into JumpCloud for System Insights<\/a> and more.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n JumpCloud has also streamlined how Windows devices that are already in the field<\/a> are provisioned. 
It\u2019s working to enable return-to-service workflows to enroll Windows endpoints through Provisioning Packages (PPKG) created with Windows Configuration Designer (WICD). Packages can be deployed using USB drives or network shares. Admins may also opt to partner with their OEM or contact JumpCloud partners like GroWrk<\/a> and Hofy<\/a> to equip remote workers with the devices.<\/p>\n\n\n\n JumpCloud helps admins follow MDM best practices<\/a> for heterogeneous device environments more effectively. When a prescribed policy isn\u2019t going to get the job done, JumpCloud also enables IT admins to create and execute their own commands and scripts. It can also coexist with and be used to modernize Active Directory<\/a> while keeping Configuration Manager running.<\/p>\n\n\n\n With JumpCloud, you have the freedom to replace AD altogether or integrate it seamlessly with your AD instance to get exactly the functionality you need. The platform includes Active Directory Integration<\/a> (ADI), which has multiple deployment models to meet your company\u2019s needs and objectives. ADI has a scalable deployment model that uses member servers to configure syncing with AD. It\u2019s even possible to sync multiple domains to JumpCloud. This approach to cross-OS systems management provides greater time to value and ease of use.<\/p>\n\n\n\n Deciding between JumpCloud and Entra AD with Intune AD<\/a> boils down to your particular identity and device management needs, your existing departmental tools in action, and your budget. As you evaluate your options, here are some key factors to consider: <\/p>\n\n\n\n Are you locked into Microsoft solutions for the foreseeable future? If so, Azure AD paired with Intune may be a good fit. Also consider JumpCloud, because it integrates with the Microsoft stack. 
Both approaches will meet the criteria outlined in Microsoft\u2019s rapid modernization plan<\/a> where assets are managed and conditional access rules can help evaluate security posture. <\/p>\n\n\n\n JumpCloud centralizes user access and network management across all major operating systems. Microsoft permits this if you integrate Configuration Manager with Intune and other bundled services. The availability of services is dependent upon which licenses you have.<\/p>\n\n\n\n Admins and MSPs benefit from toolkit consolidation. Why? Using fewer tools to achieve the same (or better) results means lower costs, fewer errors, and more time saved. If unifying your stack is important to you, for whatever reason, strongly consider a provider like JumpCloud. It even pairs nicely with Active Directory for IT managers who want some workflows to stay on-prem.<\/p>\n\n\n\n Does your organization rely on Microsoft 365 or Google Workspace? Alternatively, have you struggled to choose one option over the other? While this may have been a major decision in the past, you can change providers down the line without having to tear everything down and rebuild. JumpCloud is a Google partner<\/a> for secure and consistent integrations.<\/p>\n\n\n\n Entra AD with Intune and the JumpCloud platform provide integrations for these popular platforms. That means end users can access either productivity platform with one set of credentials. Admins can either manage user permissions from the Azure portal or the JumpCloud portal.<\/p>\n\n\n\n Read: Manage Google Workspace and Microsoft 365 Identities in Minutes from a Single Cloud Directory<\/a> to learn more about JumpCloud integration. <\/p>\n\n\n\n When evaluating which identity management provider is right for you, consider your non-system needs. 
For instance, if you\u2019re interested in LDAP, RADIUS, Samba, SSH, and other protocol support, JumpCloud\u2019s protocol level hosted services will make life easier.<\/p>\n\n\n\n JumpCloud\u2019s multi-protocol approach unifies the management of identities so that each user has a single set of credentials instantly mapped to the many things an employee needs. It also streamlines the offboarding process as admins can instantly extract user access to a myriad of different resources with the click of a button. <\/p>\n\n\n\n Another relevant issue IT leaders face is vendor lock-in<\/a>. Though Microsoft continues to promote tech diversity, the brand is financially motivated to keep customers on the Windows and Azure platform track. Microsoft integrates with other technologies, but as noted with the example of MDM providers clashing with Configuration Manager outlined above, it\u2019s not always so easy.<\/p>\n\n\n\n Unfortunately, this becomes problematic when admins later realize they need additional tools to accomplish increasingly ambitious security goals. For example, Microsoft made significant licensing changes to Entra ID by moving privileged access management and other identity governance features out of Entra. It\u2019s now requiring an additional license on top of it.<\/p>\n\n\n\n Most organizations with Entra AD eventually end up adopting AAD Connect, AAD DS, and other Microsoft-owned tools to drive a Zero Trust security approach. If Microsoft is your \u201cride or die,\u201d it\u2019s no big deal. But if another vendor offers an eye-catching user experience or capability that would be a game-changer, tool incompatibility becomes a very big deal.<\/p>\n\n\n\n The JumpCloud open directory platform is a more flexible and affordable option if you\u2019re considering the long-term goals of every department and the company as a whole to utilize best-of-breed solutions. 
IT can spend less time integrating a complex suite of tools and services and more time being focused on its mission while avoiding software monoculture.<\/p>\n\n\n\n Learn more about Intune pricing vs JumpCloud<\/a>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n Both JumpCloud and Entra AD with Intune provide immense benefits to organizations wanting to enhance MDM<\/a>. For cloud-forward and cross-platform organizations that wish to use best-of-breed technologies, JumpCloud is the superior choice. Endpoint Manager may make sense for on-prem and mostly Windows-based companies that have resources to throw at its integrations.<\/p>\n\n\n\n In either case, we encourage you to give serious consideration to how many disparate tools you\u2019re using in your IT stack. The best way to relieve stress as an IT manager, without diminishing productivity, is to do more with less.<\/p>\n\n\n\n The JumpCloud open directory platform consolidates several common IT tools into one platform \u2014 Enterprise Mobility Management<\/a> (EMM), MDM, IAM, SSO, and directory management \u2014 while reducing Total Cost of Ownership<\/a>. Rather than purchase multiple solutions with Entra AD (e.g., Intune, AD, Entra AD DS, Entra AD Connect, etc.), we invite you to get started with JumpCloud<\/a>. <\/p>\n","protected":false},"excerpt":{"rendered":" In recent years, Microsoft has made strides to provide more cloud-friendly software solutions. Among these products is its MDM platform Intune.<\/p>\n","protected":false},"author":150,"featured_media":68904,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2753],"tags":[],"collection":[2779,2777],"platform":[],"funnel_stage":[3016],"coauthors":[2535],"acf":[],"yoast_head":"\n<\/p><\/div>
Configuration Manager vs. Intune: Features and Capabilities<\/h2>\n\n\n\n
Overview of Configuration Manager<\/h3>\n\n\n\n
Configuration Manager Benefits<\/h4>\n\n\n\n
\n
Configuration Manager Disadvantages<\/h4>\n\n\n\n
\n <\/div>\n
Overview of Intune<\/h2>\n\n\n\n
Intune Benefits<\/h4>\n\n\n\n
Intune Disadvantages<\/h4>\n\n\n\n
<\/p><\/div>
Co-Management<\/h2>\n\n\n\n
<\/p><\/div>
JumpCloud: An Alternative to Intune and Configuration Manager<\/h2>\n\n\n\n
<\/p><\/div>
<\/p><\/div>
Active Directory Modernization<\/h3>\n\n\n\n
<\/figure>\n\n\n\n
JumpCloud vs. Entra AD with Intune: 5 Factors to Consider <\/h2>\n\n\n\n
1. Current and Future Platform Plans<\/h3>\n\n\n\n
2. Tool Sprawl<\/h3>\n\n\n\n
3. Microsoft 365 and Google Workspace Usage<\/h3>\n\n\n\n
4. Non-System Needs<\/h3>\n\n\n\n
5. Vendor Lock-In<\/h3>\n\n\n\n
<\/p><\/div>
IT Infrastructure Unification<\/h2>\n\n\n\n