Microsoft Endpoint Manager

Endpoint Manager combines services such Microsoft Intune, Configuration Manager, Desktop Analytics, co-management, and Windows Autopilot.

These services are part of the Microsoft 365 stack to help secure devices, manage access, protect data, and respond and manage risk. 

Centralised device management

Simplified admin controls

Increased security, reduced risk

What's involved?

Customers who have purchased Microsoft 365 licensing can take advantage of a large majority of the integrated technologies within Microsoft Endpoint Manager.


The main path of utilisation of Microsoft Endpoint Manager comes from customers who have configured traditional ConfigMgr environments or have deployed Intune as their MDM. These customers can take advantage of Microsoft Endpoint Manager right away. 


For customers who are not utilising Microsoft device management technologies, purchasing Microsoft Intune will provide the necessary licensing to start adoption. After this, customers will need to decide one of the following options depending on their needs: 

  • A cloud only solution using Intune 
  • An on-premise solution using ConfigMgr 
  • A co-managed solution using both Intune and ConfigMr 

The key integrated solutions that form Endpoint Manager include the following: 


Microsoft Intune: Intune is a fully cloud-based mobile device management (MDM) and mobile application management (MAM) provider for your apps and devices. It lets you control features and settings on Android, Android Enterprise, iOS/iPadOS, macOS, and Windows 10 devices. As part of Endpoint Manager, Intune is used to create and check for compliance, and deploy apps, features, and settings to your devices using the cloud. 


Configuration Manager: Configuration Manager is an on-premises management solution to manage desktops, servers, and laptops that are on your network or internet-based. You can cloud-enable it to integrate with Intune, Azure AD, Microsoft Defender ATP, and other cloud services. Use Configuration Manager to deploy apps, software updates, and operating systems. You can also monitor compliance, query and act on clients in real time, and much more.  


Desktop Analytics: Desktop Analytics is a cloud-based service that integrates with Configuration Manager. It provides insight and intelligence for you to make more informed decisions about the update readiness of your Windows clients. It provides information on security updates, apps, and devices in your organisation, and identifies compatibility issues with apps and drivers.  


Windows Autopilot: Windows Autopilot sets up and pre-configures new devices, getting them ready for use. It’s designed to simplify the life cycle of Windows devices, for both IT and end users, from initial deployment through end of life. As part of Endpoint Manager, use Autopilot to pre-configure devices, and automatically enrol devices in Intune. 


Azure AD Premium: Azure AD is used by Endpoint Manager for devices, users, groups, dynamic groups, auto-enrolment, multi-factor authentication, and conditional access. These features are key to protecting devices, apps, and data. 


As modern ways of working evolve, business and IT departments are being challenged to manage not only a wide ranging mix of devices, but also an increasingly mobile workforce. End users are increasingly accessing corporate data from multiple devices, some being personal, which can increase risks and introduce threats.


Having a centralised device management platform is essential for organisations to manage their devices. Without this, IT departments are challenged with not only looking after a large number of devices, but they will also need a number of different products to keep on top of security, deploy patchesinstall and update software and set policies 


Microsoft Endpoint Manager provides a number of benefits for customers 

  • Simplified licensing provides customers with an easy way to purchase Endpoint Manager without having to worry about on-premises or cloud based devices. Microsoft Intune licensing incorporates ConfigMgr client licenses. 
  • Customers have the benefit of utilising ConfigMgr for on-premise devices that are not cloud ready or can utilise co-management to share the workload of devices that are ready. Having both a cloud and on-prem based device management solution provides maximum flexibility. 
  • Finally, the integration of a number of Microsoft technologies provides more choices and options for business needs as well as a simpler administrative console. 

Case studies

Related resources