Microsoft Intune – The Beginning of Small Business IT Management in the Cloud

Microsoft just released information regarding their new cloud management service for small organizations, Microsoft Intune.  you can read about it on their blog post here.

It’s geared towards smaller companies that have between 25 and 2,500 PCs that may not be able to afford a standard IT infrastructure and server deployment.  Honestly, with some of my clients using SBS 2003 with a decent IT consultant (me :)) companies with as little as 15 machines can easily make use of the standard Microsoft infrastructure.  If you’re beyond 100 PCs I don’t know how you would ever manage this effectively without having Windows Server, Active Directory and many of the management tools such as WSUS and a managed virus/malware setup.  But, that’s beyond the point.

What is Microsoft Intune and what does it do for you?  Here are the basics:

  • Manage PCs through web-based console: Windows Intune provides a web-based console for IT to administrate their PCs. Administrators can manage PCs from anywhere.
  • Manage updates: Administrators can centrally manage the deployment of Microsoft updates and service packs to all PCs.
  • Protection from malware: Windows Intune helps protect PCs from the latest threats with malware protection built on the Microsoft Malware Protection Engine that you can manage through the Web-based console.
  • Proactively monitor PCs: Receive alerts on updates and threats so that you can proactively identify and resolve problems with your PCs—before it impacts end users and your business.
  • Provide remote assistance: Resolve PC issues, regardless of where you or your users are located, with remote assistance.
  • Track hardware and software inventory: Track hardware and software assets used in your business to efficiently manage your assets, licenses, and compliance.
  • Set security policies: Centrally manage update, firewall, and malware protection policies, even on remote machines outside the corporate network.
  • Licensing to upgrade all your PCs to Windows 7 Enterprise.  Includes all applicable upgrades to the latest Windows as well as downgrades while you are under the subscription.

Intune is only in beta at the moment.  You can sign up here until May 16th.  It isn’t scheduled to be released in production until next year.  At that time it will be a subscription based service, most likely ona per PC basis. 

A few things of note:

  • The tracking of hardware and software would be nice.  I don’t know if this only tracks PCs or if it also tracks hardware like printers and network appliances and I’m not sure if it tracks non-Microsoft software.  We’ll have to wait and see how thorough their system is.
  • Setting of security policies seem to be limited to templates that affect security settings like Windows Firewall, updates, etc.  It doesn’t seem to be a full fledged Active Directory Group Policy infrastructure. 
  • Allowing the upgrading of all of your PCs to Windows 7 enterprise is a pretty great deal.

Not a replacement for Small Business Server

I don’t see this as a replacement for SBS.  Honestly, I don’t really see anything that can’t already be accomplished by a decent network setup by an IT consultant, and that you don’t have to pay a monthly fee for.  You still have to have someone knowledgeable (or your IT consultant) to handle the setup and monitoring of Intune, so you aren’t getting rid of your IT guy, just adding the management layer on top of your current network.

What does SBS do that Intune doesn’t do?  Pretty much everything else.  It gives you a full fledged AD infrastructure, user/group/hardware authentication/authorization, shared resources such as folders/printers, Exchange, SQL Server, IAS, etc.

Microsoft already makes Exchange available as a subscription based service, though I don’t know if this is technically in the MS Azure cloud yet.  Azure currently also is starting to handle the SQL space. 

I think Intune will really be able to fill the small business space when I can have a SBS server locally to handle shared resources and local caching of my AD/DNS, but then offload everything else to the cloud, including my licensing management of all my MS products including Windows, Office, etc, AD management, GPO management, intranet, etc.  Then this might really be a full on solution that I could see businesses shelling out $50 annually a computer for.

So, am I signing up for the beta?  Yeah, why not.  I’d really like to see how this works out and where it’s headed.  One of my clients is due to renew their annual license for their virus vendor and we haven’t been that happy lately with the product.  So, this will give us a chance to try out the Microsoft offering for little cost (if anything) and see if this really lets me manage the network better.  Having the remote access through Silverlight will be nice.  That way I don’t have to remote into the server and then remote from there.  Until I see actual estimates on licensing though I will be hesitant to upgrade the PCs to Windows 7.

About Author

Matt Penner

Leave a Reply

Your email address will not be published. Required fields are marked *