Autopilot Overview
MSPControl Autopilot is the automation engine at the core of MSPControl. It connects policy‑driven configuration with endpoint management to deliver a seamless and scalable approach to managing Windows‑based infrastructures. Autopilot provisions, maintains, and secures devices through centrally defined policies, enabling service providers to reduce manual effort while improving reliability, compliance, and speed of delivery. For setup instructions, see the Autopilot Installation guide.
Key Capabilities
Autopilot empowers managed service providers with:
- RMM Foundation — Remote Monitoring and Management in MSPControl depends on the Autopilot agent installed on Windows systems.
- Patch Management — Automated Windows updates and patch deployment across fleets to maintain security and compliance.
- Policy Enforcement — Centralized device settings, security baselines, and compliance rules applied via profiles; see Device Settings.
- Scalable Provisioning — Configure once, apply everywhere; new devices automatically receive the correct configuration profile.
- Security Hardening — Consistent deployment of hardening templates to minimize vulnerabilities.
Autopilot Across the Platform
Autopilot surfaces throughout MSPControl to provide a unified device‑management experience:
- Devices — Central inventory of all managed endpoints and their health; start here to locate an endpoint and drill down. See Devices.
- Device Details — A single device’s telemetry, hardware, software, users, and actions. See Device Details.
- Device Settings — Policy templates that define behavior and security (Device Profile, Security Hardening, Trusted Sites, Managed Applications, Devices tab). See Device Settings.
- Managed Applications — Define what to deploy (Teams, Office, AV, etc.) and monitor enablement per template. Covered within Device Settings.
- Device Apps — Live catalog of software discovered on devices, with versioning, counts, and update‑toggle actions. See Device Apps.
- Device Map — Geospatial view of endpoints with powerful health/status filters (e.g., Not Azure AD Joined, Offline Devices, Orphaned Devices). See Device Map.
- Agentless Devices — Accounting view for iOS/Android endpoints discovered from Azure; these are tracked for inventory but are not managed by Autopilot. See Agentless Devices.
Business Value
Autopilot is not just a technical agent—it is the foundation for building efficient managed services:
- Reduced Operational Overhead — Less manual work and faster onboarding through reusable policy templates.
- Improved Security — Uniform hardening and patch baselines across tenants and device types.
- Scalability — Manage hundreds or thousands of endpoints with consistent outcomes.
- Customer Confidence — Demonstrate compliance and hygiene with auditable, automated controls.
Best Practices
- Adopt a “policy first” mindset: build and assign Device Settings templates per role (Server, Workstation, Kiosk) instead of configuring devices ad hoc.
- Use Security Hardening presets as a baseline, then layer environment‑specific exceptions in separate templates.
- Keep application deployment in Managed Applications minimal and standardized; manage exceptions with dedicated profiles.
- Review the Device Apps report regularly to identify outdated or shadow software and to toggle update controls where supported.
- Use the Device Map filters to quickly spot risk (e.g., Not Intune Joined, Missing Updates) and drive remediation campaigns.
- Track mobile/agentless inventory from Azure for visibility, while noting these are inventory‑only records.
See Also
