Managed service providers looking for a cloud-based management/security service have a number of options, but if yours is a Microsoft shop and your small business customers are running Windows clients, one that you should consider is Windows Intune. With it, your staff can remotely manage PCs through a web console and configure security software (anti-malware and anti-virus), as well as deploying updates – all without ever having to visit the customer’s site. You can also deploy applications through the cloud to the client PCs (app installations in EXE, MSI or MSP format are supported, and a wizard guides you through the steps).
Intune is designed to provide the same sort of management capabilities for small and mid-sized businesses that enterprise-level organizations enjoy, and do it at a reasonable cost since it’s hosted by Microsoft and doesn’t require investing in the infrastructure. It’s a subscription based service that you pay for on a per-seat basis. And a nice bonus that you get with Intune is upgrade rights to Windows 7 Enterprise edition (however, you don’t have to upgrade – you can manage Windows XP or Vista clients instead). With any cloud-based service, reliability and availability are big concerns. Microsoft claims a 99.9 percent uptime for Windows Intune that’s backed up by an SLA (Service Level Agreement), and you get 24/7 support.
Of course, you can manage both the PCs that are on site at your customers’ locations and the mobile devices (laptops) that their employees use. Intune gives you control, so that you can initiate malware scans remotely or force malware definition updates. You can also manage firewall settings on all the PCs. And it includes reporting functionality so that you can generate and save reports on updates, licenses, the software running on the PCs and the hardware on which it’s running. That data can be imported into Excel for easier perusal.
Intune is pretty easy to deploy. You do have to install agent software on each of the PCs that you want to manage, but the agent will then automatically contact the Intune service in the cloud, install Forefront Endpoint Protection and keep the OS, applications and security definitions updated. If malware is detected on one of the managed PCs, Intune will send you an email notification.
The Intune management console that you access via the web browser (that supports Silverlight) is pretty simple. It’s laid out in “dashboard” style with a Notice Board that shows you the system status of your monitored computers, including agents that aren’t installed or that are offline. You’ll see any failed update installations and there’s a section for alerts (such as updates that you need to approve). You can create computer groups, track licenses, and define policies through the dashboard interface. Intune can also provide you with an inventory of your installed software. When you right click on a computer in the console, you have the options to run a full malware scan, run a quick malware scan, update the malware definitions or force the computer to restart.
Your client companies can subscribe to Intune and then designate your MSP as their service provider; that means you will receive the notifications and manage Intune from your location. If you’re a Microsoft Partner, you can also get a small “reward” for customers that you refer to sign up for Intune. Find out more about Intune for Microsoft Partners here.
Perhaps one of the biggest drawbacks to Intune is that it only supports Windows PCs, and in today’s business world, many organizations – even small ones – have Macs, Linux machines, or iOS or Android devices that you won’t be able to manage with Intune.
If Intune sounds like a solution that would work for you and your customers, you can get a free 30 day trial subscription for up to 25 computers (running Windows XP, Vista or 7 Pro or above). Find out more about that here.