Cisco Intersight is an operations platform that helps IT operations teams control and automate Cisco UCS, converged, and hyperconverged infrastructure. Intersight consolidates and automates infrastructure lifecycle management from data centers to the edge in one solution delivered as-a-service.
N/A
Microsoft Intune
Score 8.1 out of 10
N/A
Microsoft Intune (formerly Microsoft Endpoint Manager), combining the capabilities of the former Microsoft System Center Configuration Manager, SCCM or ConfigMgr, is presented as a unified endpoint management option. Microsoft Intune is an endpoint management solution for mobile devices, an MDM solution that allows the user to securely manage iOS, Android, Windows, and macOS devices with a single endpoint management solution. The component Endpoint Configuration Manager (the…
It is highly suited for an organisation pushing for a standardised and centralised configuration of settings using policies, profiles and templates. It is highly suited for customers used to legacy UMM that need to refresh their environment, but instead of deploying them in UMM (which is still possible), to take the time and effort to learn Cisco Intersight Infrastructure Service and IMM as well as familiarise themselves with the differences between UMM and IMM, and the issues in UMM which IMM addresses and improves upon. We deployed in UMM initially then transitioned to IMM with the transition too. I cannot think of a scenario where Cisco Intersight Infrastructure Service would not be suited. Even for small-scale deployments, it provides significant benefits. Maybe if you come from another server vendor management environment, the learning curve may feel steep (e.g. many new concepts and constructs that one has to master).
Microsoft Intune is well suited for the larger end of the small business segment to the enterprise. The ability to configure and remotely deploy computer configurations, control mobile devices, and fine tune security controls of each device or device group is a major win for this product. Smaller and mid-sized businesses may balk at having to increase their license level to unlock the better updating features.
Standardising the environment by enforcing use of updating templates.
Show the difference on a profile between what has changed and what setting was last deployed.
Perform bulk deploy operation on profiles (like server profiles).
Policies underpin all settings (e.g. no more defining individual VLANs before being able to use them, or having to clean them up manually when they are no longer in use. You deploy a Domain VLAN policy that states which VLANs are configured on a domain (either standalone) or a domain profile template (if domains profiles are bound to an updating domain profile template).
[Microsoft Endpoint Manager (Microsoft Intune + SCCM)] helps to speed up the deployment of patches/software throughout our environment. I can easily build a package and then deploy across all endpoints.
The ability to supercede software is also quite handy. This automates the removal of old versions and replacing them with newer versions.
The Intune Autopilot option is very useful if you want to deploy software to devices straight out of the box. You can configure them to download software when a user opens a new PC and turns it on for the first time.
It is difficult to spot an added or removed VLAN in an Ethernet Network Group Policy or VLAN Policy. The comparison widget will show you that something has changed, but if you have 100s of VLANs, the difference does not stand out. Workaround: we copy the data out and compare it in a text editor.
If you are transitioning from UMM to IMM, you lose some functionality like vNIC redundancy pairs.
It is not easy to map the UMM version 4.x server firmware version to the equivalent IMM version 5.x firmware version.
It is not possible to configure out-of-band management IP addresses on a per-domain basis. You have to configure these ranges via an IMC Access policy (which contains the IP address range/pool) on the server profile. This leads to "server profile template sprawl" where we have to maintain multiple server profile templates since our domains sit on different ranges, even though the servers are for the most part configured identically.
UCS domains in IMM only support one Ethernet Network Group Policy (VLAN group) per vNIC template.
Deploying more apps besides Microsoft Edge and Microsoft Office 365 app
Microsoft needs to make it easier to deploy exe, pkg, and msi apps without having to go through the manual process of re-packaging these apps using tools from github like intuneapputil
Add a feature to push out software updates for 3rd party apps
Mascom Wireless is a Microsoft shop and SCCM has proved to be helpful in keeping our Microsoft products up to date every month without fail. We also have a Microsoft Enterprise Agreement which we renewed for three years ending 2022. The remote access utility works wonders for the organisation and have saved travel bills including subsistance allowance. We have been able to fulfill security audits both internal and external. We have been able to keep a robust inventory of our computer assets and nothing falls of the cracks
Usability of Cisco Intersight is highly dependent on the licensing purchased. The default (free) license level provides a lot of value for the minimal amount of effort to implement. The paid license levels provide additional features (detailed inventory, configuration management and deployment, etc.)
The console is not intuitive and does not work well often. Due to the complexity of the product, documentation can be confusing. When properly configured, routine tasks like OS deployment, remote control, and software deployment are easy to do. Troubleshooting of System Center Configuration Manager issues is hard, as there are various logs, and their content can be hard to understand.
It's a 'heavy' system, which demands a lot of resources form the datacenter perspective. So, make sure you followed the requirements to avoid frustration in the future. From the 'client' perspective, it's fine. I've never had any issue with that.
I have had servers TAC cases open for issues with Cisco Intersight. Some have yet to be resolved. One case that is still open is where the HCL status ( Hardware Compatibility List ) shows not validated when It should be. We have several servers that have the exact same hardware, OS, and the same firmware. One server will show the HCL is not validated but all others will
We have not needed to seek support for this product in the time that we have used it thus far. It's been working really well, and have not had any major issues. Being that it's a Microsoft product, it goes without saying that there will be many support options available if needed. This includes phone, web, forums, KB articles, etc. There is even comprehensive documentation that is available on the web through Microsoft's website for use of the product.
Work with a "test group" of users who you have a good relationship with so that when things don't work properly they understand! Work with your partner nicely without forcing things especially timelines as you are bound to make mistakes and create oversights in the project Management can also interfere with the implementation (which can cause delays) if you make too many mistakes which takes me back to having a "test group" where you have good relations
I personally think that Cisco Intersight Infrastructure Service is at the top of its class when it comes to managing data center hardware. The cloud-connected design feels very modern and easy to use. The mobile app is something I wouldn't expect to get in a server management tool. The way it can update, monitor, and manage our servers is very nice. Overall, we are very happy with it.
We did not evaluate or use other products like Microsoft Endpoint Manager (Microsoft Intune + SCCM). The main reason we did not evaluate or use other products is because Microsoft Endpoint Manager (Microsoft Intune + SCCM) integrates seamlessly with Microsoft 365 and Windows PCs. Expenses would have increased as well if we had purchased another similar product.
The negative thing is that we prefer to use the UCS Manager in our company because this bare metal is integrated into the FI and no extra appliance is required. SaaS is generally not viewed favorably in Germany.
Telling the user that they have to buy Intersight licenses even if they use UCS Manager annoys our customers.
In our current environment, this System Center Configuration Manager had replaced several standalone solutions for patching, imaging, remote assistance, reporting, etc. That saved a lot of time and resulted in money to manage the IT infrastructure.
Once SCCM is deployed and fully configured, all agents are deployed and it is easy to automate a lot of processes and just control them from time to time to make sure that everything is working as supposed to be.
SCCM + Windows 10: great built-in endpoint protection solution. As a result, there is no need to buy additional software for that purpose.
The imaging process is better compared to WDS because you can modify deployment packages and apply patches to a newly imaged machine. This saves tons of time for new employees deployment.
