☎️
Contrxl
  • 🏡Home
  • ❓Anonymity Tools
  • ⌨️Cisco
    • Networking Basics
      • Communication in a Connected World
      • Network Components, Types and Connections
      • Wireless and Mobile Networks
      • Home Networking Technologies
      • Communication Protocols
      • Network Media
      • The Access Layer
      • The Internet Protocol
      • IPv4 and Network Segmentation
  • 💾Intune
    • ADMX Configuration
    • App Deployment
    • App Updating/Patching
    • File Deployment
    • Remediations
  • 🎓Learning Links
  • 💻Microsoft
    • 📘Microsoft Portal Links
    • Configure SIEM Security Operations using Microsoft Sentinel
      • Create and Manage Microsoft Sentinel Workspaces
        • Introduction
        • Plan for the Microsoft Sentinel Workspace
        • Create a Microsoft Sentinel Workspace
        • Manage Workspaces Across Tenants Using Azure Lighthouse
        • Understand Microsoft Sentinel Permissions and Roles
        • Manage Microsoft Sentinel Settings
        • Configure Logs
  • 📰News & Information
  • 💡OSINT
    • IP & Domain OSINT
    • Email & Username OSINT
    • Vulnerability OSINT
  • 📚Projects
    • ‼️A Simulation Study of DDoS
  • ⚒️Tools
    • Burp Suite
      • Repeater
      • Intruder
      • Other Modules
    • GoPhish
    • Hydra
    • John the Ripper
    • Metasploit
      • Exploitation
      • Meterpreter
    • NMAP
    • Wireshark
  • 🖥️TryHackMe
    • Learning Paths
      • Complete Beginner
        • 1. Complete Beginner Intro
        • 2. Linux Fundamentals
        • 3. Introductory Networking
        • 3.1 Network Exploitation Basics
        • 4. OWASP Top 10 Exploits
        • 5. Upload Vulnerabilities
        • 5.1 An Example Methodology
        • 6. Cryptography - Hashing
        • 7. Cryptography - Encryption
        • 8. Active Directory Basics
        • 9. What the Shell?
        • 10. Linux Privesc
        • 11. More Linux Privesc
      • Jr Penetration Tester
        • Walking an Application
        • Content Discovery
        • Subdomain Enumeration
        • Authentication Bypass
        • IDOR
        • File Inclusion
        • SSRF
        • XSS (Cross-site Scripting)
        • Command Injection
        • SQL Injection
        • Passive Reconnaissance
        • Active Reconnaissance
        • Protocols and Servers
        • Protocol and Server Attacks
        • Vulnerabilities
        • Exploiting Vulnerabilities
        • Linux Privilege Escalation
        • Windows Privilege Escalation
      • CompTIA Pentest+
        • Planning and Scoping
          • Pentesting Fundamentals
          • Red Team Engagements
          • Governance and Regulation
        • Tools and Code Analysis
          • Metasploit: Introduction
          • Wireshark: The Basics
          • Burp Suite: The Basics
          • Hydra
          • Python Basics
        • Attacks and Exploits
          • Phishing
          • Windows Local Persistence
          • Breaching Active Directory
          • Lateral Movement & Pivoting
Powered by GitBook
On this page

Intune

An introduction to Microsoft Intune, Microsoft's endpoint management service.

What is Intune?

Microsoft Intune is a cloud-based endpoint management service for both corporate and BYOD (Bring Your Own) devices.

Intune provides a platform to manage users and devices. Intune supports BYOD (Bring Your Own Device) and devices owned solely by an organisation. Intune is what we refer to as hardware agnostic, meaning you can enrol any brand or type of device into it. For example, you can enrol Dell, Samsung, Android, Google, or Apple hardware into Intune without any issues if configured properly.

When enrolling your hardware always check that the OS version it is running is currently supported by Intune, the Microsoft documentation keeps an up-to-date list of the OS versions Intune supports.

Microsoft Intune comes with an in-built app management and deployment experience. This covers app deployments, updates and removal. This will be covered further in this section. Intune also provides the Company Portal which allows users to use self-service features, like download optional apps or reset their PIN/Passwords.

Intune is integrated with Microsoft's threat defence services, including Microsoft Defender for Endpoint and other third party services. Policies can be created within Intune to respond to threats and perform real-time analysis.

Microsoft Integrations

Intune can be used in conjunction with configuration manager to get the benefits of the web-based admin center and use Intune's cloud-based features.

Windows Autopilot allows easy provisioning of new devices and allows those devices to be shipped directly to users. Existing devices can be re-imaged and updated to the latest Windows version. This will also be covered more in-depth in a later page.

Endpoint analytics can be configured for clear visibility and reporting on the end user experience, including device performance statistics.

Microsoft 365 apps can be deployed directly via Intune to allow users to access the full suite of Office applications.

Microsoft Defender for Endpoint helps prevent, detect, investigate and respond to threats. A service-to-service connection be established between Defender and Intune, allowing for policies to be set up that scan files, detect threats and report back threat levels.

Windows Autopatch is an integrated cloud updating service that keeps Microsoft software current.

Protect Data

Data can be protected on enrolled, managed devices. Intune can help isolate organisation data from personal data. On devices enrolled in Intune we can:

  • Create policies that configure security settings, set password requirements or deploy certificates.

  • Use mobile threat defence services to scan devices and detect threats.

  • View data and reports which measure compliance.

  • Control conditional access to only allow managed and compliant devices access to company resources.

  • Wipe organisational data if a device is compromised or lost/stolen.

To support ta hybrid work environment, Intune allows personal device enrolment. Users have the option to enrol their devices if they want full access to organisation resources, or if they only wish to use Outlook/Teams they can take on app protection policies that enforce MFA. On devices using app management we can:

  • Use threat defence services to protect app data via device scans and threat detection.

  • Prevent organisation data from being copied into personal apps.

  • Use app protection policies on apps and unmanaged devices.

  • Restrict access to organisation email and files with conditional access.

  • Remove organisational data from apps.

Other Intune Features

Intune allows use of Windows Hello for Business instead of a password for device sign-in. WHfB lets user sign in quickly and easily. It replaces passwords with a PIN or biometric, this info is stored locally on the devices and is never sent to external devices or servers.

VPN connections can be set for remote users to allow secure access to the network. Common VPN connection partners can be used to create a VPN policy with your network settings. Within the policy you can use certificates to authenticate the connection, this lets users connect without usernames and passwords.

WiFi policy can be created within Intune which automatically connects devices to a specified SSID when within range. Certificates can be used here to authenticate the connection, eliminating the need for usernames and passwords.

Single Sign-On (SSO) can be enabled to allow users to automatically sign into apps and services using their existing Microsoft Entra organisational account.

Last updated 11 months ago

💾
  • What is Intune?
  • Microsoft Integrations
  • Protect Data
  • Other Intune Features