Windows Intune

Windows Intune simplifies and helps businesses manage and secure PCs using Windows Intune cloud services and Windows 7. Windows Intune includes;

  • The cloud service for PC security and management.
  • Upgrade rights to Windows 7 Enterprise and future versions of Windows.
  • It's a powerful combination of cloud services for PC security and management solutions and Windows upgrade licensing—all rolled into a single subscription.

With the Windows Intune cloud service, IT staff can remotely perform a number of security and management tasks. These tasks include management of updates, endpoint protection to help safeguard PCs from malware threats, and inventory management so IT and end users can remain productive from virtually anywhere. The only other thing required is an Internet connection. With the Windows 7 Enterprise upgrade, customers can get the best Windows experience with Windows 7 Enterprise or standardize on the Windows version of their choice.

Customers also have the option to purchase the Microsoft Desktop Optimization Pack (MDOP) add-on, a set of seven on-site advanced desktop management tools. MDOP can help further enhance security and control and help you resolve critical issues that could not be addressed by the cloud service, such as diagnosing and recovering unbootable PCs. For more information on the capabilities of the MDOP, please visit

PC Management & Security in the Cloud

  • Perform security and management tasks remotely from a web-based console.
  • Help secure PCs from malware and virus threats with endpoint protection.
  • Deploy most updates and line of business applications through the cloud.
  • Greater performance and security with available Windows 7 Enterprise upgrade.

Endpoint Protection

Windows Intune Endpoint Protection helps enhance the security of managed devices (computers and mobile devices) in your organization by providing real-time protection against potential threats, keeping malicious software definitions up to date, and automatically running scheduled scans.

The Windows Intune Endpoint Protection workspace in the Windows Intune administrator console provides Endpoint Protection status summaries so that if malicious software is detected on a managed device, or if a device is not protected, you can quickly identify the affected device and take appropriate action. You can also configure alert notification rules to notify you or others by email of a detected threat.

You can schedule automatic scans by using Policy, and at any time you can also run a remote task to initiate a quick scan or a full scan, or update malware definitions on a device. A quick scan checks the places, processes in the memory, and registry files on the hard disk that malicious software, or malware, is most likely to infect. A full scan checks all files on the hard disk and all currently running programs, so a full scan could cause managed devices to run slowly until the scan is complete. By default, quick scans are scheduled daily at 2 A.M. on devices that are not being used.

Also by default, Windows Intune checks for the latest virus and spyware definitions before quick scans are run. For more information about scheduling automatic scans, see Managing Security for Computers, Mobile Devices, and Data.

Resources & Information