制定 SaaS 移动设备管理策略Develop SaaS mobile device management strategy

备注

本主题是更大的设计注意事项指南的一部分。This topic is part of a larger design considerations guide. 如果你希望从指南的开头开始,请查看主要主题If you'd like to start at the beginning of the guide, check out the main topic. 若要获取此完整指南的可下载副本,请访问 TechNet 库To get a downloadable copy of this entire guide, visit the TechNet Gallery.

确定你的 SaaS 解决方案要求Identify your SaaS solution requirements

根据你对任务 1 中的问题的回答,你应该能够确定需要在移动设备管理解决方案中支持的 SaaS 解决方案。Depending on how you answered the questions in Task 1, you should be able to determine what the SaaS solution needs to support in your mobile device management solution. 下面的表 20 将有助于你了解每个 SaaS 解决方案的优点和缺点:Table 20 below will help you understand the advantages and disadvantages of each SaaS solution scenario:

Intune(独立版)Intune (standalone)

优点Advantages

  • 作为多租户提供,公有云体系结构Offered as a multi-tenant, public cloud architecture
  • 扩展以支持最多 50,000 台移动设备Scales to support up to 50,000 mobile devices
  • 不需要对本地基础结构、硬件或软件进行任何额外投资Doesn’t require any additional investments in on-premises infrastructure, hardware or software
  • 每天进行更新和功能改进。Updates and feature improvements are made on a daily basis. 每月进行主要的特性和功能增强。Major feature and functionality enhancements made on a monthly basis
  • 服务可以分配给特定地理位置的数据中心Services can be assigned to datacenters in specific geographic locations
  • 数据中心故障转移可以限制于特定地理位置Datacenter fail-overs can be restricted to specific geographic locations
  • 经认证并且符合大部分行业和政府标准服务级别协议 (SLA),受到财务支持,如果服务或功能不可用,将免除每月费用Certified and compliant with the most industry and governmental standards Service Level Agreement (SLA) is financially-backed, if the service or features aren’t available, monthly charges are waived

缺点Disadvantages

  • 不支持私有云实例Private cloud instances aren’t supported
  • 如果你需要支持 50,000 台以上的移动设备,你需要将 Itune 连接到 ConfigMgr 以管理其他设备If you need to support more than 50,000 mobile devices, you’ll need to connect Intune to ConfigMgr to manage the additional devices

Office 365 的 MDMMDM for Office 365

优点Advantages

  • 与 Office 365 商业租户紧密集成,为移动设备和 Office 365 租户服务(Exchange Online、SharePoint Online 和 Skype for Business Online)提供一个单一管理控制台。Tightly integrated with Office 365 commercial tenants, providing a single management console for mobile devices and Office 365 tenant services (Exchange Online, SharePoint Online, and Skype for Business Online).
  • 在 Office 365 多租户(公用)或私人(专用)平台类型中提供Offered in Office 365 multi-tenant (public) or private (dedicated) platform types
  • 没有额外的用户或设备授权成本,默认包含在 Office 365 商业(企业、公司、教育和政府)计划中No additional user or device licensing costs, included by default in Office 365 commercial (Business, Enterprise, Education, and Government) plans

缺点Disadvantages

  • 不支持管理非移动操作系统Doesn’t support managing non-mobile operating system
  • (仅)在将本地管理平台用于非移动设备时,预配移动设备还有其他管理界面。Additional management interface for provisioning mobile devices (only) if using an on-premises management platform for non-mobile devices.

混合版(带 ConfigMgr 的 Intune)Hybrid (Intune with ConfigMgr)

优点Advantages

  • 除了 Intune 独立版的所有优点外,还包括以下优点:Intune(基于云的设备管理服务)与 ConfigMgr(本地设备管理平台)之间的集成All the advantages of Intune standalone, plus the following:Native integration between Intune (cloud-based device management service) with ConfigMgr (on-premises device management platform)
  • 通过 Intune 连接性支持移动设备的高级设备预配选项Supports advanced device provisioning options for mobile devices via Intune connectivity
  • 通过平台扩展(自动或自定义)扩展到本地 ConfigMgr 基础结构的新 Intune 服务特性和功能。New Intune service features and functionality extended to the on-premises ConfigMgr infrastructure via platform extensions, either automatically or customized.

缺点Disadvantages

  • 要求其他配置要求,以将 Intune 与本地 ConfigMgr 基础结构相连接。Requires additional configuration requirements to connect Intune with the on-premises ConfigMgr infrastructure.
  • 对于尚未配置当前 ConfigMgr 基础结构的组织,需要在与 Intune 集成之前进行规划、安装和配置。For organizations that don’t have a current ConfigMgr infrastructure configured, it will need to be planned, installed and configured prior to integrating with Intune.

若要了解在每个平台中进行选择性擦除后删除哪些数据以及对设备上的剩余数据的影响,请务必阅读文章通过 Microsoft Intune 使用远程擦除、远程锁定或密码重置帮助保护数据Make sure to read the article Help protect your data with remote wipe, remote lock, or passcode reset using Microsoft Intune to understand what data is removed and the effect on data that remains on the device after a selective wipe per platform. 如果你有混合环境,请参考文章如何使用 Configuration Manager 远程擦除移动设备以了解如何使用 ConfigMgr 完成此任务。If you have a hybrid environment, consult the article How to remote wipe mobile devices using Configuration Manager to understand how ConfigMgr can be used to accomplish this task.

有关 SaaS 解决方案功能和要求的更多详细信息,请务必查看 Microsoft Intune 的服务说明主题,以了解适用于 ffice 365 的 MDM 与混合 Intune 和 Configmgr 基础结构中的 SaaS 支持之间的差异。For more details about SaaS solution functionality and requirements, make sure to review the service description for Microsoft Intune topic to understand the differences in SaaS support in MDM for Office 365 and in a hybrid Intune and ConfigMgr infrastructure.