SCCM or Intune Cloud - Large Organisation

I was wondering whetehr anyone could shed any light on my question.
We are looking to implement a solution that will provide support for ALL of our mobile devices. Currently we have other solutions but really just need one solution to fit all. We are not looking to support any other devices at this moment other than moble
phones, however we have a proxy that will be required on the mobile phones along with other certificates.
My question is, can InTune handle our requirements of supporting ALL types of phones and BYOD phones? Can all internet traffic be passed directly through to the proxy server? etc. I know we can set up policies on InTune but I believe from what I have seen
they are pretty basic.
At this moment, phones is all we want to support.
Our main concern is the security of mobile devices on a corporate environment.
Thanks in advance.
John

First, define ALL of our mobile devices?
Intune supports WP8.x, iOS 7 (6 also I think), Android (4.x), Samsung KNOX, and WinRT.
To directly address your question of proxy enforcement (and settings in general), no management tool can enforce something that the mobile devices OS does not allow and implement. Mobile Device OSes are *not* like desktop OSes at all where you can extend
the functionality of the core OS and so cannot be treated the same. You must work with the abilities that the mobile OS vendor has provided which varies widely between the vendors.
Jason | http://blog.configmgrftw.com

Similar Messages

  • SCCM and the Cloud

    Hello,
    I am reading several threads on SCCM
    in the cloud:
    intune:  http://www.microsoft.com/en-us/windows/windowsintune/pc-management.aspx
    Intune will not support that many devices and does not support server OSes at all. Also, ConfigMgr itself is not supported to run anywhere but on-premise.
    Several Customers and Consulting company have installed Intune:
    Aston Martin: 700 devices (including 180 Windows 8 Phones)
    Colliers : 1,400 employees
    It seems difficult for now to find customer which have a large environment…
    Our environment is 1000+ servers, 15000+ Desktops, 25000 employees...
    Any evolution within the last 6 months...
    Any MS document(s) stating something about the size of the environment to be supported with the cloud?
    Thanks,
    Dom
    System Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 / Forefront Client Security / Forefront Identity Manager

    Stand-alone Intune (according to marketing documentation) supports 7,000 devices and 5,000 users. It is not meant for large scale management and lacks many/most enterprise features included within ConfigMgr.
    ConfigMgr supports anywhere from 100 to 400,000+ devices.
    There is no cloud option for ConfigMgr and there is no public information on their plans to make such an option available in the future. IMO (and only MO), this will come soon but won't be cheap because of the back-end infrastructure required to support
    ConfigMgr: ConfigMgr is not a simple or small DB application (it's at the far opposite end of that spectrum) and it also pushes a lot of data around -- both the these are expensive in terms of cloud hosting.
    Thus, yes, there is somewhat of a gap for organizations looking for/needing the power of ConfigMgr but not wanting to host it on-prem.
    Jason | http://blog.configmgrftw.com

  • BT Cloud - large file ( ~95MB) uploads failing

    I am consistently getting upload failures for any files over approximately 95MB in size.  This happens with both the Web interface, and the PC client.  
    With the Web interface the file upload gets to a percentage that would be around the 95MB amount, then fails showing a red icon with a exclamation mark.  
    With the PC client the file gets to the same percentage equating to approximately 95MB, then resets to 0%, and repeats this continuously.  I left my PC running 24/7 for 5 days, and this resulted in around 60GB of upload bandwidth being used just trying to upload a single 100MB file.
    I've verified this on two PCs (Win XP, SP3), one laptop (Win 7, 64 bit), and also my work PC (Win 7, 64 bit).  I've also verified it with multiple different types and sizes of files.  Everything from 1KB to ~95MB upload perfectly, but anything above this size ( I've tried 100MB, 120MB, 180MB, 250MB, 400MB) fails every time.
    I've completely uninstalled the PC Client, done a Windows "roll-back", reinstalled, but this has had no effect.  I also tried completely wiping the cloud account (deleting all files and disconnecting all devices), and starting from scratch a couple of times, but no improvement.
    I phoned technical support yesterday and had a BT support rep remote control my PC, but he was completely unfamiliar with the application and after fumbling around for over two hours, he had no suggestion other than trying to wait for longer to see if the failure would clear itself !!!!!
    Basically I suspect my Cloud account is just corrupted in some way and needs to be deleted and recreated from scratch by BT.  However I'm not sure how to get them to do this as calling technical support was futile.
    Any suggestions?
    Thanks,
    Elinor.
    Solved!
    Go to Solution.

    Hi,
    I too have been having problems uploading a large file (362Mb) for many weeks now and as this topic is marked as SOLVED I wanted to let BT know that it isn't solved for me.
    All I want to do is share a video with a friend and thought that BT cloud would be perfect!  Oh, if only that were the case :-(
    I first tried web upload (as I didn't want to use the PC client's Backup facility) - it failed.
    I then tried the PC client Backup.... after about 4 hrs of "progress" it reached 100% and an icon appeared.  I selected it and tried to Share it by email, only to have the share fail and no link.   Cloud backup thinks it's there but there are no files in my Cloud storage!
    I too spent a long time on the phone to Cloud support during which the tech took over my PC.  When he began trying to do completely inappropriate and irrelevant  things such as cleaning up my temporary internet files and cookies I stopped him.
    We did together successfully upload a small file and sharing that was successful - trouble is, it's not that file I want to share!
    Finally he said he would escalate the problem to next level of support.
    After a couple of weeks of hearing nothing, I called again and went through the same farce again with a different tech.  After which he assured me it was already escalated.  I demanded that someone give me some kind of update on the problem and he assured me I would hear from BT within a week.  I did - they rang to ask if the problem was fixed!  Needless to say it isn't.
    A couple of weeks later now and I've still heard nothing and it still doesn't work.
    Why can't Cloud support at least send me an email to let me know they exist and are working on this problem.
    I despair of ever being able to share this file with BT Cloud.
    C'mon BT Cloud surely you can do it - many other organisations can!

  • Aggregate inventory data from SCCM and Intune devices

    Hi,
    We currently have a large SCCM 2012 installation and are looking at into to manage our non-domain Windows devices.  I believe the intune client gathers hardware/software inventory.  Is it possible to report, in SCCM, on this data from both sources
    as once?  
    e.g. If for licencing purposes I needed a report of all machines with software title X installed could this cover devices discovered by both technologies?
    Thanks

    ConfigMgr can manage non-domain devices just fine -- it truly doesn't care about domain membership of the managed systems. If instead of domain-joined, you actually mean remote, then the Internet Based Client Management (IBCM) feature set of ConfigMgr is
    the preferred choice.
    Ultimately, no ConfigMgr has no way to gather or collect information from systems it does not manage but there is no need for it to because it can directly manage any of Windows systems without Intune -- MDM does require Intune and the Intune connector however.
    Jason | http://blog.configmgrftw.com

  • Windows Store .XAP files with SCCM and Intune

    I can download application .xap files from the store and install via SD Card on Windows phones, but yet SCCM will not import the .xap files - reporting that the xap file does not contain the necessary information.  Is this expected?  I can deploy
    my own signed .xap files through configmgr+intune and also deeplink apps, but not manually downloaded .xap files.
    My Personal Blog: http://madluka.wordpress.com

    Is there anywhere in all of the publications and information provided about the abilities of InTune that specifically states you cannot create packages from .xap files obtained from the Windows Store?  Also, I keep reading information that would indicate
    by using InTune in combination with SCCM, you can build app packages, not just deep links.  Does this not include those obtained from the Windows store?  This feature seems relatively useless if it only includes applications for which you have the
    source code.
    All of the information provided by Microsoft that I have read and even the sample files during the trial lead one down the path that this is how you manage software on your devices.   Deep links require a valid Microsoft account on the phone and
    then opens up the option for the end user to sync to the cloud with a personal account, along with the ability to download any app they choose, which do not show up in the inventory.  This was not our idea of application managment when we enrolled with
    this product.  Am I missing something obvious?

  • SCCM and Intune

    I have SCCM 2012.
    There are Site system server "manage.microsoft.com" with Distribution point.
    There are Windows Intune Subscription in Administration\Cloud Services.
    Windows Intune Connector isn't added.
    On Distribution point distribute a package: "Configuration Manager Client Package".
    How can I remove "manage.microsoft.com"?
    "Remove Role" isn't available.

    Removing the Intune subscription should remove this DP automatically. You cannot remove it if you have a subscription in place.
    Gerry Hampson | Blog:
    www.gerryhampsoncm.blogspot.ie | LinkedIn:
    Gerry Hampson | Twitter:
    @gerryhampson

  • How do i import a large organised library from NAS into iPhoto without it re-organising my photos?

    I have a large library of photos, (20,000 or so photos - 58 GB) stored on my NAS Drive, they are organised into yearly folders, and then individual event folders, among other folders such as 'favorites'. When i click import, and leave it to do its thing, will it re-rganise my photos on the NAS or leave them as they are and simply index them? (i have unchecked the 'copy photo's to iphoto library') Hope somebody can give me an answer.
    Thanks in advance Gaz

    It will index them as a Referenced Library but I strongly urge you not to do this when you have the Library on one volume and the photos on another.
    iPhoto uses a very simple tool for workign with Referenced Libraries: Aliases. Aliases are perfectly good when the Library and the photo are on the same volume - the alias will track when the original moves and so on. However, if anything changes in the path to a file on another volume the alias will break, and you'll have to repair it manually. Now what happens if the path to the NAS changes... Like if you upgrade your machine, move the files on the NAS or on to another one? You'll find yourself repairing the aliases for everyone of these 20k photos, manually, one by one.
    Iphoto is not the app for you if you want to do this. You can't put the library on the NAS (because the NAS is not an appropriate disk format for it). Aperture has no problems with this kind of set up.
    There is a broader principle there though: If you use apps like iPhoto, Aperture, LIghtoom, how you organise the files on the disk is not important. It's just storage. You never access the files via the Finder or File Browser. You do every thing via the app - whether it be iPhoto, LR or Aperture. The point of these apps is tht you organise in the Applications, not on the HD.
    Regards
    TD

  • SCCM 2012, Intune and Windows OS Support

    I am just trying to confirm what I believe I am reading about Microsoft OS Support for Windows Intune when integrated with SCCM 2012 R2...
    What I believe to be the case:
    Windows RT, Windows RT 8.1, Windows 8.1 all have the ability to enroll via OMA-DM, thus can be managed by SCCM.
    Down-level OS's such as XP SP3, Vista, and Windows 7 require the Intune Client to be installed, thus can only be managed by a standalone Intune subscription?
    Can anyone confirm this?
    Thanks!

    More or less correct.
    Generally, even for Win 8.1 and WinRT, IBCM or DirectAccess are a better choice than OMA-DM as it can only enable management of a limited subset of features. Two important ones cannot be: software updates and endpoint protection.
    As you've seen (based on your other thread), you can still use the Intune subscription that is connected to your ConfigMgr site to manage devices with the Intune client installed. Effectively, there are two halves of the Intune subscription, the full client
    management half and MDM half which can be controlled by Intune or ConfigMgr. Just because the MDM half is controlled by ConfigMgr does not technically preclude you from still utilizing the full client management half. That's not at all saying you should do
    this though, but you certainly could.
    Jason | http://blog.configmgrftw.com

  • How would i setup certificate authenticated activesync on a windows phone 8 device? Without intune or sccm?

    I've searched all over for this and can find no clues in the interface.
    We have certificate authentication to activesync, via tmg working well for IOS devices and android, we issue the user a certificate, they use it to authenticate, boom no problems.
    We're considering a move to issuing windows phone 8 devices as well, yet i see no way, or instructions on how to actually set these things up to authenticate with a certificate? I see some rumblings about airwatch and sccm with intune, but i don't want to
    pay for a subscription just to use this when it works fine without on other platforms.
    Can anyone shed any light?
    Many thanks,
    Jim

    Hi - we're authenticating with internally issued certificates against a TMG listener, not sure if that is or isn't mutual certification - I have installed the root on the devices so they are trusted, works great with ios, android etc.
    The main issue is there is no place in the setup where you can specify the certificate to use, i have a feeling they (like blackberry) are railroading you into using a paid for mdm solution for cert auth. Be delighted if that isn't the case tho. It is easy
    enough to do this for WP8 with SCCM and InTune but i'm not keen on taking out a subscription just for WP8 devices when we can do it gratis with ios and android.
    Thanks for the reply.
    Jim

  • Intune, SCCM, EAS Clarification

    Hi All,
    I'm trying to understand the expected behaviour in the scenario below:
    Say we have UDM with SCCM and Intune, we enrol a new device for a user, they get the security policy defined in SCCM with the email profile and can access EAS with the security policy the business has defined.
    What's to stop the user just enrolling the device directly in EAS and circumventing the remainder of the security policy that is defined in SCCM? Or does in not work like that? Does the Exchange SCCM (or Intune) connector mean that SCCM knows about the device
    and applies the policy irrespective of whether it has been enrolled through the company portal or directly in EAS?
    Thanks.

    It's called "Conditional Access Policy" and will be available in the next Intune release (Q4 of 2014 for Intune, probably Q1 of 2015 for SCCM/Intune Extension). You can read about it here
    http://blogs.technet.com/b/windowsintune/archive/2014/05/12/what-s-coming-next-with-windows-intune.aspx
    Gerry Hampson | Blog:
    www.gerryhampsoncm.blogspot.ie | LinkedIn:
    Gerry Hampson | Twitter:
    @gerryhampson

  • Cost of Intune and SCCM 2012 r2 vs SCCM 2012 r2 ICBM

    Is there any research/info on pros and cons of SCCM 2012 using intune for internet clinet management vs SCCM 2012 r2 and ICBM?  Things like cost, supportabiliy, etc.  I have seen intune vs sccm not Intune & SCCM vs SCCM and Internet Client
    Based Management. 
    Cyndy

    Hi,
    I think the reason is that you cannot manage Windows clients using the WIndows Intune Agent and integrate it with SCCM 2012. The integration with Intune and SCCM 2012 is for Mobile Device Management only so there is no possibility to install the Windows
    Intune Agent on a client and then manage it through the SCCM Admin Console.
    THe only scenario where that would work is if you manage a Windows 8.1 with the OMA-DM agent and enroll them in Intune as a mobile device with a limited set of features.
    So ICBM is still the way to go if you need all the features in SCCM or you want one console to rule them all.
    Regards,
    Jörgen  
    -- My System Center blog ccmexec.com -- Twitter
    @ccmexec

  • Windows intune with SCCM

    Can u tell me or share a link on step by step process to manage devices with SCCM using intune, I have the intune subscribtion.

    There are many guides available online, here is an example:
    http://www.windows-noob.com/forums/index.php?/topic/10905-the-windows-noob-microsoft-intune-mobile-device-management-guides-now-available-to-download/
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • Cloud ONTAP - Keeping costs down for demo puposes

    May I start by mentioning my appreciation for Kevin's excellent video. Like many large organisations, it is easier for me to request a $50k piece of capital equioment than to justify $20 per month on my corporate CC. At risk of raising a daft question, if I add the Cloud ONTAP appliance and the requisite server instance to run Cloud Manager will I see a zero monthly charge whilst these are shut down? I suspect that I need to delete all stored data, snapshots and volumes. I gues what I'm asking is whether there are any "hidden" charges I should be aware of? Best wishes from Sunny (at the moment) South of England.Pete Springfield

    Hi Pete, A couple of responses for you.  This may be a little long winded... and I'm not certain they will help you with your decision, but I do hope that they help: First is that... nothing is ever 'free' in the cloud.  You may come close, but maybe not totally freeI think that using Cloud ONTAP to demo things is great.  I do it all the time.First is that … nothing is ever totally 'free' in the cloud.  You can come close, but with AWS there will always be some sort of charge, even if minorI think that using Cloud ONTAP to demo anything 'NetApp' is really the way to go… in the long run it will save you time, effort (and yes, money) since you don’t have to continually recreate your environment and ensure everything is working correctly… every time.  You now just need to configure it once… and turn it on when you want to use it. Things that 'cost':The Cloud ONTAP instance hourly chargeThese charges can be mitigated if you turn off or terminate the Cloud ONTAP instanceThe underlying EBS storage – This is for Boot, Root, and Data:Sizes for Boot and Root are fixed and can’t be changedYou can control the size of Data aggregate if you choose.The default size is 500GB EBS.  You CAN elect to create a single 100GB disk aggregate, move your root volume over… then remove the default aggregate, if you want.  Your performance WILL suffer because of the smaller 'disk', just so you are aware.Now with Cloud Manager 2.0 and Cloud ONTAP 8.3.1 you can choose between EBS GP2 or Magnetic disksThe costs of EBS Magnetic is roughly 50% less than that of EBS GP2Sample MONTHLY costs for the Data Aggregates (region us-east-1):500GB EBS GP2: $50 / month500GB EBS Magnetic:  $25 / month100GB EBS GP2: $10 / month100GB EBS Magnetic: $ 5 / monthEBS Snapshots for Boot and RootThese are taken if you choose to stop the Cloud ONTAP instanceThis action can be toggled off (which I do almost every time)Data Ingress / Egress.This means if you have a snap mirror relationship in place that will transfer data to/from your Cloud ONTAP instancesAnother 'hidden' charge you may already be aware of is going to be for the Cloud Manager instance you’ll be using to monitor / manage your Cloud ONTAP systems. Here’s what I do:When not in use, I have all of my Cloud ONTAP instances AND my Cloud Manager instance turned offWhen I need to use them, I go into my AWS EC2 console and turn on my Cloud Manager instanceI then use Cloud Manager to turn on the Cloud ONTAP instances I wantI then do my video, demonstration, test… whateverWhen I’m done… I turn off all the Cloud ONTAP instances…. Or Terminate the ones I know I don’t needThen I go back into the AWS EC2 console and turn off my Cloud Manager instance There is also a fairly detailed AWS Cost Calculator that might help if you’re looking for more granularity: http://calculator.s3.amazonaws.com/index.html I do understand how it is often easier to expense a much larger charge than some minor costs… however, you also might want to point out to your management, what the costs will be for you to instantiate a fresh environment each and every time you need to conduct a demonstration… vs. the minute or two to turn on a Cloud ONTAP system…. Fully configured and ready to go. Hope this helps! Kevin 

  • Configuration Manager Cloud Services under the Administrator Section

    Hi,
       i was wondering about the SCCM 2012 R2 cloud Services under the administrator, what is it? i mean is it a private or public cloud?
    what is it connecting to and what is it using to connect? for example API, direct connection, app controller, etc.?
    what is the functionality of this service?
    Thanks

    That link does only mention cloud DPs, but you can also integrate Intune into ConfigMgr (which is also a cloud service). ConfigMgr interacts directly with those services.
    Torsten Meringer | http://www.mssccmfaq.de

  • Adobe Lightroom 5.7.1 via Creative Cloud Packager

    Hi all,
    I might have missed something here but after creating a Creative Cloud package, I install the MSI/setup.exe that was created inside the "Build" folder followed by running the ExceptionDeployer in the Exceptions folder. However, the issues are:
    EULA prompt on first launch - not ideal
    Creative cloud prompt on launch - not ideal, not everyone has a Creative Cloud account
    Updates not disabled - not such a major issue but also not idea.
    I've recently configured other Adobe products through SCCM from Creative Cloud packages and this does not appear to be consistent with the other packages (Acrobat XI Pro, After Effects, Fireworks CS6, Illustrator, Photoshop, In Design, etc...) Is this standard behaviour or am I missing a step?
    I've familiarised with these just prior to undertaking the tasks:
    Creative Cloud Help | Using Adobe Exceptions Deployer
    Creative Cloud Help | Installing Products in the Exceptions folder
    I've also gone through this:
    https://forums.adobe.com/thread/1590920
    But I get the same outcome.
    Any help would be greatly appreciated. Thank you.

    Have you tried using APTEE to suppress the eula?
    Creative Cloud Help | Using Adobe Provisioning Toolkit Enterprise Edition

Maybe you are looking for