![]() In MEM we can use compliance policies to measure our Mobile Device Management(MDM) clients against the rules set in the policy. ![]() We define when a device is considered compliant in Microsoft Endpoint Manager(MEM)/Intune or in Microsoft Endpoint Configuration Manager(MECM)/ConfigMgr. Within Conditional Access we can use the compliance status of a device as a condition or grant control for accessing Cloud applications. As far as I experience configuration packs are hardly used and not actively developed anymore. Microsoft and other vendors even supplied configuration packs, which were a set of configuration items and baselines which ConfigMgr admins could import and use in their ConfigMgr environment. In my opinion this functionality provided by ConfigMgr has always been better than using Group Policies, since by using ConfigMgr Configuration Baselines, we could set certain settings on our managed devices but also centrally monitor whether those settings were applied as well, and it also works on non Active Directory domain joined machines. You can measure for example if the Windows Firewall is enabled and configured as required, and if not enable it and remediate it’s configuration. Measuring your managed systems against a baseline has been around for a while, in Microsoft Endpoint Configuration Manager(MECM)/ConfigMgr we can already use one or more Configuration Items combined in a Configuration Baseline to measure and remediate clients against an imported or self created baseline.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |