Event banner

Policy management with Microsoft Intune

Event Ended
Tuesday, Oct 25, 2022, 07:30 AM PDT
Online

Event details

You’ve seen all the exciting Microsoft Intune policy news at Microsoft Ignite, now it’s time to go deeper. Come join Julia and Mike as we share our top five Intune policy tips and tricks to help keep your endpoints managed and secure.

This session is part of the Microsoft Technical Takeoff: Windows + Intune. Add it to your calendar, RSVP for event reminders, and post your questions and comments below! This session will also be recorded and available on demand shortly after conclusion of the live event.
Heather_Poulsen
Updated Dec 27, 2024
Technical Takeoff

128 Comments

Show More
  • Hasan_TG's avatar
    Hasan_TG
    Copper Contributor
    Oct 22, 2022
    Where is the best place to manage security policies; endpoint security tab or Intune?
    • Oktay Sari's avatar
      Oktay Sari
      Iron Contributor
      Oct 25, 2022

      Here's my two cents and sort of a summary I guess:

       

      Security baselines are pre-configured groups of Windows settings and default values (recommended by the MS security teams). It's a profile template that consists of multiple device configuration profiles and a good starting point to quickly create and deploy a secure configuration profile

       

      endpoint security policies, are tightly focused device-level security settings that determine the configuration of Antivirus, disk encryption, firewalls etc. These policies can configure device security without the overhead of the many settings from device configuration profiles and security baselines.

       

      Settings catalog (my personal favorite) lists all the settings you can configure, in one place.
      It's like a shopping cart experience, where you can browse the catalog of all available policy settings and create a custom policy from scratch that meets your needs.

       

      configuration profiles (templates) include a logical group of settings and features that can be enabled or disabled on different devices like Android, iOS, macOS and Windows. Personally, this is my last resort when it comes to managing Windows devices.

       

      Hope this answers your question.

      Oktay

    • Mike-Danoski's avatar
      Mike-Danoski
      Icon for Microsoft rankMicrosoft
      Oct 25, 2022
      Thanks for your question, the idea of Endpoint Security is to have an area tailored to Security management experts. Most of the settings available in endpoint security are also available in device configuration and we plan to continue this. There are some advanced scenarios where we've added advanced tooling like the Endpoint Detection and Response profiles but for the most part you should find full parity in device configuration.
Date and Time
Oct 25, 20227:30 AM - 8:00 AM PDT