remote management

Yes. Jamf is an MDM. There are many. In no particular order or preference, others include Intune (from Microsoft), Mosyle, Jamf Now, Airwatch, MobileIron, Apple Business Essentials, and many more. Ideally, you will need the following:

• Sign up for Apple Business Manager (this is not Apple Business Essentials as Essentials is the Apple MDM while ABM is the chain of custody asset system

• Select and MDM

• Link your ABM to your reseller(s) (or Apple if you buy direct) so all new hardware is automatically assigned to ABM at time of purchase

• Define an MDM in ABM and set the assets to auto-assign to the MDM at time of ABM assignment

• Craft a process for managing existing devices - again, can be done without system wipe but you will not have the highest level of management.

• Craft an automated enrollment process

As for tutorials, Jamf offers the 100 classes for free on their website. Higher levels of certification are available but you need to take the classes. https://www.jamf.com/training/online-training/100/.

However, if you are buying directly from Jamf, you will need to perform a Jumpstart. This is a multi-day consulting engagement where Jamf will train you on the product. macOS and iOS are included. And if you need more, Jamf does offer onboarding services. The Jumpstart is to train you on the product, not to setup your specific environment. Onboarding services will setup your environment. I will assume these are both available in your region.

As for Apple Business Manager, you can initiate the sign up without calling Apple. https://business.apple.com/#/enrollment/form. You will need a person who can enter into legal contracts to be involved into the process and Apple will call you to ask a series of questions. Pro tip. Once you have ABM setup, make sure you create at least two admin accounts.

Again, the MDM solution will provide initial deployment, OS patching, app patching, app settings, restrictions, printers, etc. If you want a remote support tool, that remains an independent initiative.

Hope this helps you on your journey.

Reid

Again, there are two distinct questions you are trying to answer. They are device management and user support.

You should be looking into Device Management to handle OS updates, app patching, initial deployment, preference enforcement, and device lock/lost mode/remote wipe. These tasks are all possible using an MDM. Now, if you take this one step up, you should also be looking to sign up for Apple Business Manager as this will allow new hardware to be linked to your business entity, allowing automated enrollment via your MDM. And, most critically, devices automatically enrolled achieve supervised status, allowing the organization the greatest level of control. Let me paint a picture of how this works.

You sign up for Apple Business Manager (ABM) and link your Apple Customer ID or Apple Reseller to the account. All Apple hardware that is purchased now appears in ABM before it arrives at your facility/users. These hardware assets are assigned to an MDM. When the device is unboxed and turned on, it will hit Apple's Activation Servers and be directed to your ABM instance. The ABM instance will direct the unit to the MDM. The unit will automatically enroll. The enrollment process can deliver apps, settings, and data to the devices. The end user and the IT department will have very little direct actions to make this happen. Apple calls this zero-touch and it is very achievable.

The key is to sign up for ABM and pick an MDM. There are a lot. If you are only iOS devices, nearly any MDM will do. If you are a lot of Macs, Jamf is the best. Others can work. If you do a lot of Apple iCloud stuff, you might want to look at Apple Business Essentials. I am not yet a fan but I can see it working for some environments.

The second question you are trying to answer is the one on user support. That is really a decision of which remote support product fits your budget and need. I am partial to BeyondTrust but I am also a consultant and we make a point of not installing a persistent remote support agent. However, I support businesses who use GoToResolve, TeamViewer, and others that do install a persistent client.

Best recommendation I can give is to take control of the environment using MDM. It will make your life a lot easier and you can ensure all your devices are running the same versions of everything.

Please note, existing devices will need to be manually enrolled. This means you do not get full supervision. From some devices, if they are eligible, you may be able to manually inject into ABM using Apple Configurator (both on Mac and iPhone). But this will require full system wipe to inject into ABM so keep that in mind as it is workflow disruptive.

Hope this is helpful. Make your life easy. Get on an MDM and embrace Apple's management framework.

Reid

Are you looking for device management or remote support?

If the two environments are connected via a VPN, then Apple Remote Desktop can (generally) work for both requirements. It can be used as a "poorman's MDM" to manage the devices (supports remote PKG install, running unix commands, etc) as well as to remotely control the device.

However, if you are looking for remote support tools and devices are frequently off the network (lots of laptops and remote workers), then you can look at products like BeyondTrust, TeamViewer, or GoToResolve. If you use Jamf, TeamViewer is now supported in the Remote administration option, making setup rather easy. All of these do require user enablement of the screen recording PPPC right. That cannot be managed by an MDM.

Hope this is helpful,

Reid

If you're asking about Windows, you'll want to ask Microsoft what they recommend.

If you're asking about macOS, there are several options. Not all options are available in all regions. Some popular options include Jamf Now/Jamf Pro, Mosyle, Kandji, JumpCloud, and Apple Business Essentials. There are many others on the market, and the offerings may vary by region.