Quick Overview Comparison between Intune Azure and Silverlight Portal? I’m excited to share the comparison video and post of Intune Silverlight and the new Intune in MEM portal.
Loads of new features and loads of very good changes. All the new Azure tenants with a new Microsoft EMS subscription will be able to access a preview version of Intune in the MEM portal.
Latest Intune Admin Portal Walkthrough Guide | MEM Admin Center Latest Intune Admin Portal Walkthrough Guide | MEM Admin Center HTMD Blog (anoopcnair.com)
The performance, look and feel of Intune console is far better than Intune Silverlight console. Intune in MEM portal helps us eliminate loads of duplication works that we need to perform to create groups in Azure AD and Intune groups.
In the new portal, we can direct deploy applications, policies, profiles, etc… to Azure Active Directory Dynamic device groups and user groups. Enrolment restriction rules and RBA for Intune admins are other most exciting features for me within the new portal.
Video Tutorial to know Intune Silverlight Portal Experience
Video Tutorial to know Intune Silverlight Portal Experience.
Overview Comparison between Intune Azure
Manage Apps node is the place where you can create apps from the Android store, Apple Store, and Windows store. The most exciting feature in Manage apps is that you can directly search the Apple App store (Yes, I think for preview, we have only the option to select the US store) and fetch the application from there.
Hence you don’t need to specify the properties of that app. Deployments in the new MEM portal are called ASSIGNMENTS. You can directly deploy applications to AAD groups. One thing missing in the review version of Intune is an option to upload MSI applications.
Configure Device node is the place in the new Azure console where you can create configuration policies for iOS, Android for Work, Android, and Windows devices. In the Intune Silverlight portal, configuration policies have build-in generic policies for Windows, iOS, Android, etc…similarly new Intune portal in Azure has build-in profiles.
We have different profile types called Device Restriction policies, WiFi profiles, VPN profiles, SCEP deployment profiles, eMail profiles, etc… Device restriction policies are nothing but the build-in configuration policies for specific device platforms.
Set device compliance is the node where you can create new, improved compliance policies for all the supported devices like iOS, Android, and Windows. The improvement over the Silverlight Intune portal is that we can select the device platform explicitly in the compliance policies.
Also, depending upon the device platform, the separate compliance policies will get applied to different devices (even if a user is targeted to iOS, Android, and Windows compliance policies). Deployment of compliance policies is done via assignments in Intune portal.
The conditional Access node in the new Intune portal got very few options if you compare it with Intune Silverlight conditional access options. All the device-based conditional access rules are moved out of Intune. Now those device-based conditional access rules are part of Azure Active Directory. Device-based conditional access policy has loads of granular options, more conditions, more control options, etc…
Enroll Devices node is where you can define enrolment restriction rules. Enrolment restriction rules are the rules which help to restrict the devices from enrolling into Intune. The enrolment restriction rule comes before conditional access verification. Within enrolment restriction rules, we can have different types of restrictions like Device Type restrictions and Device Limit restrictions.
Device type restriction is the place where we can select device platforms and platform configurations. Enroll Devices node is the place where you can also define/configure Windows Hello for business, check the MDM management authority, Terms and conditions, Corporate device identities, and apple MDM push certificates.
Access control is the place where we can define custom security permissions for Administrator users. Role-based administrator (RBA) is enabled in the new Intune portal, where you create your own customized Intune admin roles.
Once you create a security role, you can create a new assignment to it and add Members Group and Scope Groups. Following are the permission options available in Intune review portal – Device Configurations, Managed Apps, Managed Devices, Mobile Apps, Organization, Remote tasks, Roles, Telecom Expenses, and Terms and conditions.
Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. E writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…