In my previous posts I explained how we can add devices to Intune and how we can push applications to them. This is another blog post in the same category, and here I am going to talk about managing device compliance using Microsoft Intune.
In an infrastructure, we know what a trusted device should look like, and we use different tools and services to make sure devices match it. As a simple example, most organizations use group policies to make sure the firewall and Windows updates are up and running. But now it is hard to define infrastructure boundaries, as many people use the same device for work and personal use, and more and more people are working remotely. As a result, administrators are losing control over the devices. With Microsoft Intune we can easily define compliance policies and detect devices that do not meet infrastructure requirements. It is similar to how Network Policy Server works in a BYOD environment.
In this demo I am going to create a compliance policy to detect devices that don't have firewall and antivirus services running. Once it detects such a device, it should also send a notification to the IT department so they are aware that a non-compliant device is on the network.
1. To start, log in to the Azure portal as a Global Administrator
2. Then go to All Services | Intune | Devices
3. Under Devices, I can see my demo device is in a healthy state.
4. First, we need to create a device group so I can target it with the policy. To do that, go to the Intune home page and click on Groups
5. Then click on New Group
6. Then create the new security group with the demo device.