Microsoft Intune (formerly Microsoft Endpoint Manager), combining the capabilities of the former Microsoft System Center Configuration Manager, SCCM or ConfigMgr, is presented as a unified endpoint management option. Microsoft Intune is an endpoint management solution for mobile devices, an MDM solution that allows the user to securely manage iOS, Android, Windows, and macOS devices with a single endpoint management solution. The component Endpoint Configuration Manager (the…
$5
per user/per month
Workspace ONE UEM
Score 7.0 out of 10
N/A
VMware acquired Airwatch in 2014. Now from Omnissa, Workspace ONE is a Unified Endpoint Management (UEM) solution and is available in Standard, Advanced, Enterprise, and Advanced for VDI editions.
Windows Autopilot makes provisioning user Windows PC laptops a breeze. A user only needs to turn on the laptop, join it to their local WiFi, login with their O365 account then sit back and let Windows Autopilot handle the app installations required for work, configure the laptop settings to meet my organization requirements. I have seen this all completed in less than 30 minutes depending on how fast the internet connection is. Where Microsoft Intune needs to improve I think is the part where it can push out software updates to 3rd party apps. Right now I have to use Automox to fill in this gap.
AirWatch is a great tool for large organizations that need to manage more than 100 devices. The product is capable of handling multiple platforms and is scalable to any size company. I would not recommend AirWatch to small companies, companies with minimal MDM needs or companies on a tight budget. It's the Rolls Royce of MDMs, it has all the bells and whistles and it's not inexpensive.
[Microsoft Endpoint Manager (Microsoft Intune + SCCM)] helps to speed up the deployment of patches/software throughout our environment. I can easily build a package and then deploy across all endpoints.
The ability to supercede software is also quite handy. This automates the removal of old versions and replacing them with newer versions.
The Intune Autopilot option is very useful if you want to deploy software to devices straight out of the box. You can configure them to download software when a user opens a new PC and turns it on for the first time.
Compliance policies are robust. One thing we have done is to keep our operating systems updated using the Airwatch compliance policies. We created a customized email from an Airwatch template and send notifications to users when they are not compliant.
Volume Purchase Program Integration allows you to purchase apps with a corporate credit card and push out licenses to authorized users.
Staging user allows minimal end user interaction. Only 2 inputs when we hand a corporate phone to an end user(device password & email password).
Secure Content Locker allows us to open and manage email attachments in a secure container.
Installation is very laborious and complicated. The number of things to manually configure during the installation is incredible.
OS deployment is hard to configure and troubleshoot. The Microsoft article on deploying Windows 10 via System Center Configuration Manager in a test environment takes 44 minutes to read (Microsoft's estimate, not mine -- check here: https://docs.microsoft.com/en-us/windows/deployment/windows-10-poc-sc-config-mgr). If something goes wrong, there are multiple log locations to check on both the server and client, making troubleshooting difficult.
The management console looks old, and its performance isn't great. It is often hard to find settings in the console, and it refreshes slowly. The old name for System Center Configuration Manager, SMS, comes to mind often. "Slowly Moving Software."
Web Console GUI. The GUI is a little outdated compared to other MDM providers like Meraki, and can be slow at times.
Overlapping Profiles. I wish there was a GUI interface to show similar profiles that are being appiled to the same user groups, or a best practices intervention that can show me if there is a better way to layout my profiles.
AirWatch Mobile Apps. I would rather have my employees utilize Google Chrome or Firefox on their mobile devices, but can't because they need to access internal content via the MAG. It would be nice if AirWatch could integrate these two items together. All of their mobile apps are sluggish too. Users complain that the Content Locker is not friendly to work with, but on the admin side of things it's great.
Mascom Wireless is a Microsoft shop and SCCM has proved to be helpful in keeping our Microsoft products up to date every month without fail. We also have a Microsoft Enterprise Agreement which we renewed for three years ending 2022. The remote access utility works wonders for the organisation and have saved travel bills including subsistance allowance. We have been able to fulfill security audits both internal and external. We have been able to keep a robust inventory of our computer assets and nothing falls of the cracks
We've used it for 3 years and our contract is up later this year. We own the licenses, but we would have to either renew cloud services or bring the services in-house and install on servers here. We may want to see what's new in the marketplace that could be just as useful and cost effective.
Overall, Microsoft Intune is very usable. While help documentation can be lacking, once setup and configured, Intune does all the work that used to be manual. There is a lot of automation and advanced features and manufacturer integrations you don't get anywhere else. These are absolutely game changers when managing IT workloads.
It works well for our environment and what we're using it for. It actually does more than we're currently utilizing, but I believe our needs will change in the near future and we could utilize more features.
Just in the past few weeks our staff has had several issues with the website. It is either taking a long time to load anything or we are not able to get in at all. This is very frustrating when you are trying to manage and enroll users. It was down 2 days in a row just this past week. Not good!
It's a 'heavy' system, which demands a lot of resources form the datacenter perspective. So, make sure you followed the requirements to avoid frustration in the future. From the 'client' perspective, it's fine. I've never had any issue with that.
Went over the availability just a minute ago on the last rating. Don't use the reporting too much but will likely begin that soon. Integration with Active Directory doesn't seem to bog either system down.
Being a Microsoft product, support was good. Out interaction was limited to our in-house IT team which was installing the Intune app in our mobile device. The installation was smooth and we haven't faced any difficulties with the app while using it. Provides a smooth and secure access to all Office 365 apps in mobile while separating the personal and professional data.
There is a separate portal for Workspace One + Chat function. The support is fast but sometime you need a little but luck that the right person is supporting your case. Case escalation is not really working.
Work with a "test group" of users who you have a good relationship with so that when things don't work properly they understand! Work with your partner nicely without forcing things especially timelines as you are bound to make mistakes and create oversights in the project Management can also interfere with the implementation (which can cause delays) if you make too many mistakes which takes me back to having a "test group" where you have good relations
AirWatch support was included and helped with every step of the implementation. They have their "university" with helpful documents and phone support 24x7.
Microsoft Intune is more robust as far as fine-tuning security controls. It also allows for software installs, folder access controls, updating PCs, and other features simply not found in previous products we have used. Because it is rolled into MS 365 it's very cost effective. It's also a single pane of glass for managing user PCs and personal devices
At the time (2017) the Microsoft solution wasn't fully cloud-native and you needed several tools to accomplish the same as Workspace ONE Unified Endpoint Management. This would have led to even more issues getting up and running as we had with Workspace ONE. Last year we made switched to Microsoft Endpoint Manager cause it presented an easier interface and was better suited to go with our business direction of Microsoft 365.
The positive impact it's had was it has been really beneficial in having an all-in-one Systems Management solution to be able to manage all endpoints across the organization. This has saved both time and costs from having to search/setup/manage other System Management applications and also have saved money from having to purchase a license for other commercial products.
Another positive impact it has had was in being able to easily remote into computers/endpoints, and also being able to provide remote assistance to end-users.
The negative impact has been it is not being fully utilized by most of the IT staff, as it is a more complicated platform to learn/master. This would require funding for IT staff to take training in learning the product, or require time to consult the documentation in the use of the product. As a result, this may hurt productivity in being able to have to work on other things.
We now have over 100,000 users utilizing AirWatch, and the organization is performing exceptionally well in providing services to both VIP users and the broader user base. The solution has greatly enhanced our ability to manage and support users effectively.
In terms of ROI, the organization is fully satisfied with the service AirWatch provides, and there are plans to explore more features from VMware in the near future. Our next goal is to leverage cloud-based services, which will further enhance our capabilities.
Having a solution like AirWatch in place always creates a positive impact within the organization, allowing users to benefit from the full range of services provided. However, based on feedback, some users are dissatisfied with the enforcement of certain policies required for enrollment. Previously, the process was simpler, with users only needing to enter their ID and password to access emails on their devices. The additional steps in the current process have caused some frustration.
