News

Microsoft Describes 'Hybrid' Intune-SCCM Mobile App Management Vision

Microsoft last week shared more details about its mobile application management vision, in which its Intune and System Center Configuration Manager (SCCM) products will play key roles.

The company previously gave a high-level explanation of its plans. The idea is that Intune's mobile device management (MDM) capabilities are getting embedded inside Microsoft's Office 365 applications. Other software vendors also can tap APIs from an Intune software development kit (SDK) to add management capabilities to their apps. They can use the same app wrappers that Microsoft uses and access the same "containers" that are used by Office apps to add these Intune management capabilities.

Last week, Microsoft further explained how its newly released service packs for System Center 2012 and System Center 2012 R2 enable Intune's mobile application management capabilities in "hybrid" scenarios in which SCCM is combined with the Intune service.

Organizations can use SCCM as their main tool integrated with Intune in a hybrid configuration, with Intune providing the mobile application management support. Those capabilities come into play when so-called "managed apps" are deployed by an organization. A managed app, by definition, already has the Intune SDK built into them, according to Microsoft's descriptions.

Organizations with their own proprietary apps also can add Intune management capabilities by wrapping their apps using Microsoft's app wrapping tools. Currently, there's an existing tool for iOS apps. Last week, Microsoft announced a new Intune App Wrapping Tool for Android solution.

Hybrid Intune-SCCM solutions work by associating a managed app's "deployment type" with policies set up by IT pros. Here's how Microsoft describes it:

When using System Center Configuration Manager (ConfigMgr) integrated with Intune, you can associate the app management policy with the ConfigMgr application's deployment type (DT) that you want to restrict. When the application is deployed and the application's DT is installed on devices, the settings you specify will take effect.

At present, it's possible to add mobile application management capabilities to managed apps running on Android 4 and later operating system versions, as well as Apple iOS 7 and later versions.

The standalone Intune product already works with various iOS managed apps, including Office suite apps, OneDrive cloud storage, Work Folders and the "Intune Managed Browser," which is Microsoft's specialized browser that lets IT pros manage user actions. On the Android side, there's support for an Intune Managed Browser, Office apps for tablets, OneDrive, a PDF Viewer and AV Player application. Microsoft's list of managed apps can be found in this TechNet library article.

Microsoft has been clear that Intune is its main MDM tool going forward. Additionally, as a cloud service, Intune follows a monthly update cycle and gets its new feature updates faster than Microsoft's venerable SCCM product. Still, Microsoft is gradually adding Intune capabilities to the SCCM component of System Center 2012 and System Center 2012 R2. That's done by improving SCCM's "extensibility model," according to Mark Florida, a principal program manager at Microsoft. He explained in an Ignite session that there was "80 percent" parity with Intune and SCCM in System Center 2012 Service Pack 2 and "85 percent" parity with Intune and SCCM in System Center 2012 R2 Service Pack 1.

SCCM might still be the tool of choice for very large organizations or organizations managing Internet of Things-types of scenarios. Florida explained that the Intune standalone product has a device support scale limit of 50,000 devices, whereas the hybrid Intune-SCCM solution is capable of managing "hundreds of thousands of devices."

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.

  • World Map Image

    Microsoft Taps Nebius in $17B AI Infrastructure Deal To Alleviate Cloud Strain

    Microsoft has signed a five-year, $17.4 billion agreement with Amsterdam-based Nebius Group to expand its AI computing capabilities through third-party GPU infrastructure.