8 Reasons to Select Intune Standalone Over Hybrid

1
ntune Standalone or Hybrid

I understand that the decision to go with Intune standalone or Intune hybrid with SCCM is critical for all the organizations. I was part of one Intune hybrid or standalone decision-making team. And I’m happy that we took a decision NOT to go with Intune hybrid solution with SCCM integration.

This post is prepared before MVP Summit 2018. During the MVP Summit in Seattle, we had a great discussion with Shitanshu Verma and his team about their experience of migrating from Intune hybrid to Intune standalone. I will cover some of those points in the next post “Migration Guide Intune Hybrid SCCM to Intune Standalone“.

High Level Content of this post

Should I go with Intune Standalone or Hybrid?
Feature Parity – Is still valid to go with Intune Hybrid?
Role Based Administration – Is still valid to go with Intune Hybrid?
Single Pane of Glass – Is still valid to go with Intune Hybrid?
Reporting – Is still valid to go with Intune Hybrid?
Scalability – Is still valid to go with Intune Hybrid?
Programmability (Automation) – Is still valid to go with Intune Hybrid?
Integration with Third (3rd) Party Echo system – Is still valid to go with Intune Hybrid?
Other Reasons – Is still valid to go with Intune Hybrid?

Should go with Intune Standalone or Hybrid?

Whether to go with Intune hybrid with SCCM or Intune standalone? I don’t recommend Intune hybrid architecture. This is explained in my previous post “SCCM Intune Architecture Decision Making Tips and Sample Diagram“. In this post, we will see more details why should NOT go with Intune Hybrid solution.

Microsoft already provides detailed documentation of this decision making. More details choose between Microsoft Intune standalone and hybrid with SCCM. Microsoft also has complete documentation about migrating Intune hybrid users to Intune standalone. So, it’s clear that Microsoft recommends going with Intune standalone and SCCM Stand-alone infrastructure.

In this post, I’m going to discuss more than eight (8) reasons either to go with Intune Standalone over Hybrid. I will perform detailed analysis on those 8+ reasons which can influence decision making. Following are my recommendations!

NEW customers should  select INTUNE STANDALONE as a preferred method

EXISTING customers should start PLANNING to MIGRATE to INTUNE STANDALONE

Feature Parity – Intune Standalone or Hybrid

The parity between the features of Intune hybrid and standalone was the initial concern. I mentioned this my previous blog here that “The biggest and most awaited thing in SCCM CB hybrid is feature parity between Intune Stand Alone version and SCCM CB hybrid version”. But things changed after that blog post and Microsoft introduced co-management of Windows 10 and other new things.

Feature parity is NOT VALID point in the decision making to go with Intune HYBRID

Decision ==> Intune Standalone

Role Based Administration – Intune Standalone or Hybrid 

The changes mentioned above made the decision making between Intune hybrid and standalone bit easy. Apart from the feature parity, Role Based Administration (RBA) was one reason for organisations to go with Intune hybrid with SCCM integration.

Intune standalone introduced RBAC option in Azure portal Intune blade. I have a post which explains about RBAC “Intune Role Based Administration RBA Controls“.

RBAC is NOT VALID  point in the decision making to go with Intune HYBRID

Decision ==> Intune Standalone

Single Pane of Glass – Intune Standalone or Hybrid

Single pane of glass was one other reason organisation wanted to choose Intune hybrid with SCCM integration. But in the reality, it was never was a single console for an end to end device management. But Azure (Intune console) can be the single pane of glass for Windows PC (through the MDM channel), Mac, iOS, and Android device management.

For example, the Conditional Access node in SCCM console is just placeholder. When you click on conditional access, it will help to open up the Intune console Conditional Access page. So in other ways, we need to use different consoles to manage Azure AD Conditional Access.

Single Pane of Glass console is NOT VALID  point in the decision making to go with Intune HYBRID

Decision ==> Intune Standalone

Reporting – Intune Standalone or Hybrid

Intune hybrid solution has rich reporting options. With Intune hybrid solution, we will have all the details of the devices/applications will be available in SCCM DB. This will help organisations to perform data mining and to create custom reports etc..

Intune standalone has options called Intune Data Warehouse to create custom reports. We can use the Intune Data Warehouse to build reports (perform data mining) that provide insight of devices which are managed by Intune solution.

Following are some data points related to reporting.

  • Heavily use custom reports and perform all kind of data mining activities with SCCM DB then, Intune Data Warehouse could be a little muddy option for some of you.
  • SCCM database connected to asset management system within the organisation. You need to architecture those systems to get data from Intune Data Warehouse.

But if you compare other advantages of Intune Standalone and future strategy of your organisation then, I would still go with Intune Standalone.

Reporting is STILL VALID point in the decision making, but I won’t go with Intune HYBRID

Decision ==> Intune Standalone

Scalability – Intune Standalone or Hybrid

Scalability is not an issue since the Intune migration to the Azure portal. Microsoft can support over 50k mobile devices with new Intune solution. Microsoft Intune standalone running on Azure infrastructure can scale to meet customer’s scalability needs.

Scalability is NOT VALID point in the decision making to go with Intune HYBRID

Decision ==> Intune Standalone

Programmability (Automation) – Intune Standalone or Hybrid

Intune API is generally available in Microsoft Graph. All the automation & programmability options are available in a fully supported way. Intune API in Microsoft Graph allows you to connect different Microsoft cloud services and automate workflows and processes between them.

Programmability (Automation) – NOT VALID point in the decision making to go with Intune HYBRID

Decision ==> Intune Standalone

Integration with Third Party Echo System – Intune Standalone or Hybrid

Can Intune standalone get integrated with ISVs (Independent Software Vendor) like ServiceNow or Remedy? There is NO out of box integration available from the ISVs at the time of writing this post.

ServiceNow and Remedy are very popular IT service management tools. These tools are essential for most of the organizations. As SCCM is having vast majority market share in device management world, the ISVs are interested in keeping their development efforts with SCCM integration.

But Microsoft Intune has a way to hook into ISVs like Remedy and ServiceNow for IT service management and as well as for asset management.  But I think these ISVs are going to wait until Microsoft Intune has a good market share to put their money into developing Intune integration efforts.

But there are workarounds to integrate your existing investments with Remedy/ServiceNow and Intune. These workarounds can be achieved through PowerShell and Graph API. I will tend to decide to go with Intune standalone on this topic as well.

Integration with Third Party Echo System – STILL VALID point in the decision making to go with Intune HYBRID 

Decision ==> Intune Standalone

Other Reasons – Intune Standalone or Hybrid

There could be other reasons which are prompting each organisation to decide to go with Intune hybrid solution with SCCM integration. But I’m sure Microsoft is fully aware of those decision points. If not, you can make Microsoft aware of those reasons via user voice items.

Following are/were some of the other reasons :-

  • Multiple NDES servers for Certificate Delivery – Already available with Intune Standalone
  • Multiple Exchange connectors – Microsoft is already aware of this requirement
  • S/MIME encryption support – Microsoft is already aware of this requirement
  • SamAccountName in email profiles, Entrust PFX, FQDN in SCEP cert profiles, etc..

There are some valid points to keep Intune Hybrid environment for existing customers. If reasons mentioned above are critical for your organisation and you are already in an Intune hybrid setup then, I will wait for some more time before starting the migration from Intune hybrid to Intune standalone. But I would recommend going with Intune Standalone for new implementations.

Other Reasons – STILL VALID point in the decision making to go with Intune HYBRID 

Decision ==> Intune Standalone

Resources:-

Choose between Microsoft Intune standalone and hybrid with SCCM

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here