Let’s discuss the 2403 Microsoft Intune New Features March Update. In the March update, Microsoft Intune introduces a range of new features to enhance user experience and functionality. These updates include improvements to security and administrative capabilities.
Organizations can now more efficiently manage their devices and data. With these enhancements, Intune continues to evolve as a comprehensive solution for modern device management and security needs.
Microsoft is excited to showcase Intune’s new capabilities. One cool feature is that it lets security and admin tasks share information. This month, Microsoft made some announcements about this and other cool features.
Microsoft keeps making its device management tool better with updates, often releasing them every week. These updates focus on boosting security and making things run smoother. The new features help people get more done and make it easier for users and admins to handle tricky situations.
- Microsoft Intune 2402 New Features February Update
- Microsoft Intune Extends Support To Android 10 And Later From October 2024
- Use Power Automate To Import Autopilot Devices Hash Via Email For Intune Engineers
What are the New Capabilities in Microsoft Intune that are being Highlighted?
Microsoft Intune is introducing new capabilities focusing on managing the gap between security and IT operations. These enhancements aim to simplify the sharing of information and capabilities between security and administrative functions within organizations.
2403 Microsoft Intune New Features March Update
The new capabilities in Microsoft Intune enable users and admins to work more productively by providing easy access to security and administrative features. This integration simplifies tasks, reduces risk, and allows for more efficient management of complex scenarios.
Where to Check Intune Service Release Version?
You can check the version of Microsoft Intune in the Intune portal. The following are the steps to do so.
- Sign in to the Microsoft Intune admin center at intune.microsoft.com.
- Go to Tenant Administration and click on Tenant Status.
- Click on the “Tenant Details” tab.
- Look for the “Service Release” section to find your current Intune service version.
- The latest released version is Intune Service Release 2403.
Enhanced Endpoint Security Overview
Microsoft is excited to announce the launch of a redesigned Overview page within the Endpoint security section. This interface focuses on centralizing essential details, such as device security status, to simplify the configuration and deployment processes for Microsoft Defender for Endpoint.
With this update, managing endpoint security becomes more accessible and more efficient. It empowers organizations to enhance their overall security posture effectively.
| Highlight | Description |
|---|---|
| Connector status at-a-glance | Provides a clear indication of the connection status between Defender for Endpoint and Intune. |
| Windows device Endpoint detection and response (EDR) status and actions | Enables quick assessment of Windows device status and offers one-click access to deployment options for Endpoint detection and response (EDR). |
| New preconfigured policy | Simplify the deployment process by offering a simplified workflow for administrators to deploy Defender for Endpoint and EDR in just a few clicks. |
| Antivirus agent status and monitoring report shortcuts | It visually represents the important antivirus data and facilitates easy access to Firewall and Malware reports, along with a convenient shortcut to the Defender portal for further management. |
Refreshed Endpoint Detection and Response Blade Features
Let’s discuss the Refreshed Endpoint Detection and Response Blade Features. You can easily Create an Endpoint detection and response policy to onboard devices to Microsoft Defender for Endpoint. The EDR (Endpoint Detection and Response) blade is undergoing a makeover, Which brings the following enhancements:
- Go to Endpoint Security in the Intune portal and click on Endpoint Detection and Response.
- It shows 2 tabs – Summary and EDR Onboarding Status
- It also shows 1 Option – Deploy Preconfigured Policy Option
| Endpoint Detection and Response | Description |
|---|---|
| Summary Tab | This tab provides an overview of EDR reporting. It offer a recap of the information available on the Overview page. It serves as a quick reference point for EDR-related insights. |
| EDR Onboarding Status Tab | This tab showcases the device Defender sensor state and EDR onboarding status. It offers a comprehensive view of the onboarding process, ensuring administrators have clear visibility into device readiness. |
| Deploy Preconfigured Policy Option | Admins can now easily onboard devices to EDR using the “Deploy preconfigured policy” option. This feature simplifies the onboarding process, making it easier and more efficient for administrators to configure devices for EDR. |
Configuring and Updating Dell BIOS Settings using Intune
Let’s discuss how to Configure and Update Dell BIOS settings using Intune. Microsoft and Dell have teamed up to bring a new feature to Microsoft Intune. Now, administrators can easily manage and set up BIOS settings right from Intune.
You can use the same easy deployment methods you are used to for configuring over 150 BIOS and hardware settings. With Dell Password Manager, Intune administrators can create strong, unique passwords for each device.
- Create Intune App Configuration Policies for MAM for Windows
- Intune Supports Assignment Filters for Android AOSP
- MEM Intune: Create Assignment Filters for Azure Virtual Desktop Single Session Windows 10 | AVD
- Intune Filters for Azure Virtual Desktop VMs
Extended Support for Managed App Assignment Filters to Windows Devices
Let’s discuss the Extended Support for Managed App Assignment Filters for Windows Devices. Last year, Microsoft introduced app assignment filters for iOS and Android devices, allowing IT admins to customize Mobile Application Management (MAM) policies based on specific usage scenarios.
With the latest release, Microsoft has expanded this support to include Windows devices. Administrators can now have more control over application protection and configuration policies.
New File Elevation Type for Endpoint Privilege Management
Microsoft Intune Suite introduces a new file elevation type called “support approved” for Endpoint Privilege Management. This feature is available within the Microsoft Intune Suite and can also be accessed as a standalone Intune add-on.
Enhanced Capabilities for Managed Google Play Apps on Personally-Owned Android Devices with a Work Profile
Intune now extends several capabilities to work profile devices in the Android Enterprise ecosystem. These enhancements mark a significant expansion in device management flexibility and user experience.
- Available Apps for Device Groups – Intune enables the deployment of apps to device groups via the Managed Google Play store, a feature previously exclusive to user groups.
- Update Priority Setting – Administrators can now configure app update priorities on devices with a work profile using Intune. This feature allows for better control over app updates.
- Required Apps Display in Managed Google Play – Required apps designated through Intune are now visible in the Managed Google Play store, enhancing accessibility and clarity for users.
New Settings Available in the Apple Settings Catalog
The Settings Catalog in the Microsoft Intune Admin Center now provides a comprehensive list of all settings available for configuration within a device policy. This centralized repository simplifies the process of managing settings by presenting them in one convenient location.
You can quickly discover this new addition by accessing Devices > Configuration > Create > iOS/iPadOS or macOS for the platform > Settings catalogue for profile type in the Microsoft Intune admin center.
In iOS/iPadOS device management, there are settings related to passcodes and restrictions. For passcodes, you can set the maximum number of days before a passcode needs to be changed, specify the minimum number of complex characters required, and enforce the use of alphanumeric passcodes.
In terms of restrictions, you can control whether users are allowed to install apps from the marketplace.
For macOS device management, there are settings related to passcodes and full disk encryption. Under passcode settings, you can enforce actions like requiring a passcode change at the next login, setting up a custom pattern for passcodes, determining how long to wait before resetting failed login attempts, setting the maximum passcode age, specifying the complexity of characters required, and ensuring the use of alphanumeric passcodes.
- Additionally, you can set how frequently the recovery fundamental changes under full disk encryption.
New Settings Available in the Windows Settings Catalog
The Settings Catalog is where you can find all the settings available for configuring device policies conveniently located in one place. Recently, new settings have been added to the Settings Catalog.
You can quickly check out these new options by opening the Microsoft Intune admin center, going to Devices > Configuration > Create > Windows 10 and later for the platform, and then to the Settings catalog for profile type.
| Category | Setting | Description |
|---|---|---|
| Delivery Optimization | DO Disallow Cache Server Downloads On VPN | Disallow downloads from Microsoft Connected Cache servers when the device connects via VPN. By default, the device is allowed to download from Microsoft Connected Cache when connected via VPN. |
| DO Set Hours To Limit Background Download Bandwidth | Specifies the maximum background download bandwidth utilized during and outside business hours as a percentage of available download bandwidth. | |
| DO Vpn Keywords | Allows setting one or more keywords used to recognize VPN connections. | |
| Messaging | Allow Message Sync | Enables the backup and restore of cellular text messages to Microsoft’s cloud services. |
| Microsoft Defender Antivirus | Specify the maximum depth to scan archive files | Sets the maximum depth for scanning archive files. |
| Specify the maximum size of archive files to be scanned | Sets the maximum size for scanning archive files. |
New Archive File Scan Settings Added to Antivirus Policy for Windows Devices
With the new updates to the Microsoft Defender Antivirus profile for endpoint security, you can now control 2 necessary settings for Windows 10 and 11 devices. They are as follows.
- Specify the maximum depth to scan archive files – Specify the maximum folder depth to extract from archive files for scanning. If this configuration is off or not set, the default value (0) is applied, and all archives are extracted up to the deepest folder for scanning.
- Specify the maximum size of archive files to be scanned – Specify the maximum size, in KB, of archive files to be extracted and scanned. If this configuration is off or not set, the default value (0) is applied, and all archives are extracted and scanned regardless of size.
New Compliance Settings for Android Work Profile, Personal Devices
Now, you can set compliance requirements specifically for work profile passwords without affecting device passwords. These new settings are available in compliance profiles for Android Enterprise personally-owned work profiles, found under System Security > Work Profile Security in Microsoft Intune.
Expedited Non-Security Updates for Windows 11 Devices
Windows quality updates now offer support for expediting non-security updates, allowing for faster deployment of quality fixes when necessary. This feature enables administrators to prioritize and deploy critical updates more quickly than the regular quality update settings would allow.
Introducing a Remote Action to Pause the Config Refresh Enforcement Interval
A new remote action is being introduced to pause the enforcement interval for configuration refresh. This feature allows administrators to stop the reapplication of policy settings on Windows devices temporarily.
It provides flexibility for admins to make changes, run remediation, or perform troubleshooting without affecting the enforcement of policy settings. Once the specified pause period expires, the settings will be enforced automatically.
Newly Available Protected Apps for Intune
Microsoft Intune now offers access to additional protected apps, expanding the range of secure applications available for deployment. These newly available protected apps include the following.
- Cerby by Cerby, Inc.
- OfficeMail Go by 9Folders, Inc.
- DealCloud by Intapp, Inc.
- Intapp 2.0 by Intapp, Inc.
Role-based Access Control Changes to Enrollment Settings for Windows Hello for Business
Let’s discuss Role-based access control changes to enrollment settings for Windows Hello for Business. Changes have been made to role-based access control for enrollment settings related to Windows Hello for Business.
These adjustments affect who can access and modify settings related to enrolling devices with Windows Hello for Business. This helps ensure that only authorized individuals have the appropriate permissions to manage these enrollment settings, enhancing security and control over the enrollment process.
New Enrollment Configuration for Windows Hello for Business under Device Security
In the Intune admin center, there is a new setting for Windows Hello for Business enrollment called “Enable enhanced sign-in security.” This feature enhances security by protecting users’ biometric data from potential threats posed by external devices.
It prevents malicious users from accessing a user’s biometrics through external peripherals, ensuring better protection for sensitive information.
HTML Formatting in Noncompliance Email Notifications
Intune has introduced support for HTML formatting in noncompliance email notifications across all platforms. This enhancement allows administrators to use supported HTML tags to add formatting elements such as italics, URL links, and bulleted lists to their organization’s noncompliance messages.
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
About the Author: Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing about Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.