Blog Post

Intune Customer Success

4 MIN READ

Endpoint security policies migrating to the unified settings platform in Microsoft Intune

Silver Contributor

Aug 04, 2023

By: Mike Danoski – Senior Product Manager | Microsoft Intune As we update and simplify creating and managing configuration settings in Microsoft Intune, we’re migrating policies and settings to...

Updated Aug 08, 2023

Version 3.0

Intune_Support_Team

Silver Contributor

Joined October 11, 2018

View Profile

Intune Customer Success

Follow this blog board to get notified when there's new activity

Martin Zonderland

Copper Contributor

Aug 11, 2023

Tim Wolf and JoeH45 and Intune_Support_Team

And for me, I am setting up everything in the Endpoint Security blade.

Only configurations not available over there will be set in Device Configuration Profile with Settings Catalog.

And this is an example of multiple engineers doing this differently.

The question is, what is the best practice for configuring AntiVirus, Encryption, Firewall, etc...

- Device Configuration Profile --> Settings Catalog?

- Endpoint Security blade

I think Microsoft will answer with, it depends on your situation, both are not wrong...

With RBAC you can give your security team permissions for the Endpoint Security blade, while not having access to the Device Configuration Profile... If you have separated teams (Security/IT Operations), maybe splitting this configuration is an option.