Windows Modern Device Management

Much like Jamf Pro enables Mobile Device Management for macOS devices, Microsoft Intune does the same for Windows devices.

This guide focuses on cloud-based "modern management" techniques and tools, which is the successor to legacy Active Directory-based management approaches.

Deploying Windows Devices using Microsoft Intune

By enrolling devices into Microsoft Intune, they can become sanctioned device under the Trusted Access solution architecture. These Windows devices are identifiable as company assets, with policies that can configure data access and local retention rules.

There are many different methods and techniques to consider with modern management.

Evaluate the enrollment method(s) you are supporting or would like to support in your environment.

• For already purchased or deployed devices, consider Azure Active Directory Join with Auto Enrollment enabled.
• For new devices, utilize Autopilot in User Driven mode.

Deploying Jamf Trust

Once modern device management has been established on a Windows device, assuming the user utilized a method involving logging in using their Azure AD / IdP credentials, it is now possible to zero-touch deploy and activate Jamf Trust.

1. Follow the steps in Enabling Access for Trusted Devices to configure Private Access in RADAR.
2. Follow the guide to Deploy Jamf Trust to Windows Devices via Microsoft Endpoint Manager.

Once the Jamf Trust app is installed on the device, it will auto launch, activate, and configure all network protection and Private Access capabilities that were defined in RADAR.