SoftwareOne logo

3.5 min to readMultivendor Support

System Center Configuration Manager vs. Intune

A silhouette of a person on a white background.
Markus MorySenior Consultant
A group of white squares on a white wall.

Many IT departments are currently facing specific challenges in the management of their systems. Traditional tools such as the System Center Configuration Manager (SCCM) are often used for this purpose. Others like Intune and Autopilot are already based around cloud technologies. A few still rely on old-fashioned "sneaker networks". It is becoming increasingly important for all companies to consider computer devices over their entire life cycle. Updates must be installed regularly to close security vulnerabilities. New Windows 10 versions need to be distributed twice a year. Inventory and compliance management, also beyond the proprietary Active Directory forest, are playing an increasingly important role.

But which is the right solution for my company? Typically for IT, the answer is quite simplyit depends. We will talk about the reasons for using the traditional method via SCCM and the reasons for choosing a modern approach using Intune. It is not intended as a detailed technical comparison, but merely as a description of the most important aspects.

System Center Configuration Manager

The System Center Configuration Manager is the classic solution for managing computer systems. Originally released in 1994 under the name Systems Management Server (SMS), it now runs as the System Center Configuration Manager Current Branch 1902. Like Windows 10, upgrades are released several times a year to fix bugs and introduce new features. The SCCM offers almost everything that admins could possibly want:

  • Inventory rationalization
  • Application distribution
  • Distribution of software updates
  • Distribution of operating systems
  • Compliance management
  • Remote maintenance
  • Control of Windows Defender Antivirus
  • Reporting
  • And much, much more …

The SCCM runs on servers in the company network, and a single server is often sufficient for small environments. But scaling across multiple servers and multiple locations is no problem for larger setups. Connections to services in Microsoft Azure also work perfectly.

But what precisely are its strengths compared to Microsoft Intune?

  • Use of the Microsoft Cloud is not mandatory. It is also not necessary to synchronize Active Directory with Azure. Bear in mind, though, that SCCM supports this option as well.
  • Windows Server can be managed, while Intune only supports Windows Client systems.
  • SCCM can be used to manage systems without Internet connection.
  • Administrators decide which changes to the SCCM environment are implemented.

Intune

Microsoft launched Intune in 2011. Starting with a very weak feature set, it has since evolved into one of the most important components in the Enterprise & Mobility Suite (EMS). In places, Intune offers the same features as SCCM. Here are a few of them:

  • Inventoriy rationalization
  • Application distribution
  • Distribution of software updates
  • Compliance management
  • Control of Windows Defender Antivirus
  • Reporting

Some may be surprised to note that the provisioning of operating systems is missing from the list. But that is correct. Modern client management uses a different technology called Windows Autopilot. The devices must be registered in Intune, and ideally the hardware distributor will take care of this when ordering new systems. During commissioning, the device is then automatically configured according to the specifications of the IT department and supplied with the required applications. The truly ingenious aspect of this method is that it does not require an admin. The system is simply handed over to the user in its original packaging, because everything will run automatically. Only an Internet connection is required.

Intune and associated services like Windows Autopilot are exclusively cloud-based systems. There is no need to provide an on-premises infrastructure. But they do require an Azure Active Directory. Mostly the data from the local Active Directory is synchronized here. The positive aspect is that users who already run Office 365 today can also benefit from Intune and co. with relatively little effort.

The following describes the strengths of Intune, compared to SCCM:

  • Complete MDM solution iPhones and Android devices
  • No local infrastructure is needed
  • Infrastructure does not require maintenance. Microsoft deals with this because it is a cloud application
  • Windows Autopilot
  • Extensive integration with other features from the Enterprise & Mobility Suite

I want it all and I want it now

Microsoft also has a solution up its sleeve for anyone keen to benefit from the best of both worlds. Co-management enables synchronous administration by both SCCM and Intune. This requires a Cloud Management Gateway on the SCCM side. The Cloud Management Gateway is a virtual instance within Azure that enables the management of SCCM clients that are not located in the local network. It is necessary to define which management system is in charge of particular areas in order to prevent SCCM and Intune from getting in each other’s due to different configurations.

Summary

As I mentioned in the introduction, a one-size-fits-all solution does not exist. It is vital that you take a good look at the infrastructure you are currently running, but also at the infrastructure you want to operate in the future. Both SCCM and Intune offer many, often overlapping features. So the right choice will always depend on your own strategic approach.

A building is lit up at night.

Multivendor Support

Streamline your support experience and reduce costs with SoftwareOne Multivendor Support services.

Multivendor Support

Streamline your support experience and reduce costs with SoftwareOne Multivendor Support services.

Author

A silhouette of a person on a white background.

Markus Mory
Senior Consultant

Digital Workplace, Microsoft