Even before the Spring of 2020, we had customers who were running into challenges with roaming and remote workers. Trying to identify devices and keeping up with their statuses (health, updates, etc.) proved to be challenging, at best. VPN costs were getting more and more expensive, yet the challenges of constant connectivity to the on-premises environment were vital to many of our customers. Security teams were adamant that devices needed to be compliant with patches for both the OS and the workloads running on them. Then came the waves of Windows feature upgrades that needed to be performed. Our customers were frustrated and said, “There must be a better way.”
So, is there a better way to manage these predominantly on-premises devices using Configuration Manager when they roam or are working remotely? The short answer is yes. Let’s explore the options for extending Configuration Manager to the cloud to bring these devices back under constant management without direct connectivity to your on-premises environment.
This is by far the ultimate upgrade for your existing Configuration Manager deployment. This solves the VPN connectivity issue while still allowing you to manage the device over the internet. Essentially, the CMG provides a line-of-sight for your on-premises joined devices to be managed without being on-premises.
Advantages of CMG:
This is the on-premises alternative to using the CMG. Use internet-based client management (IBCM) to manage Configuration Manager clients when they aren't connected to your internal network. Just extend your Configuration Manager infrastructure to the DMZ.
Advantages of using IBCM:
Tenant attach sets up synchronization between your Configuration Manager site and your Intune tenant. Extending the investment in your on-premises environment to the cloud without recreating net new configuration is the simplest way to add value. You will gain actions and insights into devices on-premises or off-premises from the Microsoft Endpoint Manager admin center.
Then you can see your Configuration Manager devices in the Microsoft Endpoint Manager admin center.
Advantages of IBCM:
When you enroll existing Configuration Manager clients in co-management, you light up new features in the cloud provided by Intune. This brings new functionality to your existing endpoint management capabilities and allows you to manage workloads in a hybrid fashion with Configuration Manager or push them to Intune at your own pace.
Advantages of Co-Management:
Let us know if you need us to help you plan or implement any of these options to extend your investment and provide additional capabilities for your Configuration Manager environment. We have been helping our customers manage their endpoint devices using SMS/SCCM/Configuration Manager and now Microsoft Endpoint Configuration for nearly 30 years.
Leverage your existing Microsoft Endpoint Configuration Manager (MECM) environment to accelerate the adoption of Modern Management with Microsoft Endpoint Manager (MEM) and Windows 10 devices.
KiZAN is a Microsoft National Solutions Provider with numerous gold and silver Microsoft competencies, including gold data analytics. Our primary offices are located in Louisville, KY, and Cincinnati, OH, with additional sales offices located in Tennessee, Indiana, Michigan, Pennsylvania, Florida, North Carolina, South Carolina, Georgia and Texas.