Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Manager Intune, though we can’t promise to reply to all posts.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Intune feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Intune. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. ASR Rule "Block persistence through WMI event subscription" missing

    The ASR Rule "Block persistence through WMI event subscription" can not be configured via Intune.

    Not via the "Devices | Configuration profiles" nor via "Endpoint security | Attack surface reduction"

    However, this is advertised in Windows Defender ATP, Microsoft Secure Score, and docs.microsoft.com

    https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction#block-persistence-through-wmi-event-subscription

    76 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  2. Export Configuration Policy Settings

    Hello - @Intune Team

    I'm the security administrator at our company, and we are preparing for our Cybersecurity Maturity Model Certification (CMMC). Microsoft recommends that we "document and enforce security configuration settings for information technology products employed within the information system using organizationally defined security configuration checklists". Per the Model, we are to document these configuration settings, but there is no way to export settings without using Powershell. In other words, Microsoft would further be compliant with DFARS if there was an 'easy button' to export configuration settings of compliance policy properties into a text file for documentation purposes.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  3. Malware detection reports not accurate

    Malware detection data under Endpoint Security > Antivirus > Windows 10 detected malware is not accurate. Devices report that files are cleaned and harmful files were quarantined, blocked, or removed, but Endpoint Protection portal does not even after 24 hours.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  4. Windows Defender Antivirus catch-up scan options should be Enabled not Block

    Because of Intune insidiously adding extra settings in our other configuration profiles,

    https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/40411027-configuration-profiles-should-not-include-more-set

    some of our Windows computers appear to not perform catch-up scans on wake/restart, despite us cleaning up the rogue settings back to Not configured.

    Thinking about it though, shouldn't those options afford Enabled instead of Block? Actually there are many more settings scattered all over that I don't understand why the only option is to block. Surely organisations would want more flexible options for their policies.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  5. New Endpoint Security node - combine existing settings

    If you have previously configured Bitlocker (or any other sec. feature) under Devices Configuration Profiles, the existing settings will not flow down to the new Endpoint Security node. In that case we might end up in conflict, where new admin creates new Bitlocker policy, not looking under Configuration Profiles.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  6. Firewall rules for ICMP type of traffic

    Not possible to configure firewall rules for ICMP based on the type of ICMP traffic

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  7. Sort, order and Export firewall rules

    Add the possibility to sort firewall rules by network type and direction and apply order of processing. Option to export MDM firewall rules is missing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  8. Firewall Policy script support for M365 GCC High

    The script described at https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-security-firewall-rule-tool is a great idea, however it is hard coded to authenticate to commercial Microsoft 365. Please release a script that works with GCC high.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  9. Malware detection reports not accurate

    Malware detection data under Endpoint Security > Antivirus > Windows 10 detected malware is not accurate. Devices report that files are cleaned and harmful files were quarantined, blocked, or removed, but Endpoint Protection portal does not even after 24 hours.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  10. Malware detection reports not accurate

    Malware detection data under Endpoint Security > Antivirus > Windows 10 detected malware is not accurate. Devices report that files are cleaned and harmful files were quarantined, blocked, or removed, but Endpoint Protection portal does not even after 24 hours.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Security Policies  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base