@Eduards , Based on my research, I have listed the reference features in Intune as below which is related to the features you listed in Mobile Iron.
-Encrypted Container, Docs (work with documents in encrypted container)
Based on the description, it seems to be a feature to protect app . In Intune, it is accomplished by app protection policy, here is the article for the reference:
https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policies
-email client support (Verse, Email+)
Currently, Mobileiron email++ is not in the protected app list. We can see more details in the following link:
https://learn.microsoft.com/en-us/mem/intune/apps/apps-supported-intune-apps
-apps (can install application based on policy)
Intune supports a wide range of app types. such as Apps from the store, Apps written in-house (line-of-business) and etc We can see more details in the following link:
https://learn.microsoft.com/en-us/mem/intune/apps/apps-add
-Web application (can access internal work resources using kerberos auth)
Based as I know, For the browser in Microsft, there's an app named edge. For the authentication method supporton Edge, we can see the folloing link:
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-security-identity
-Endpoint Security (road warriors microsoft + mac os notebooks)
the Endpoint security node in Intune to configure device security and to manage security tasks for devices when those devices are at risk. The Endpoint security policies are designed to help you focus on the security of your devices and mitigate risk. We can see more details in the following link:
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security
-Full disk encryption
Based as i know for windows, the disk encrption is done by Bitlocker and for MacOS, it is done by FileVault. Here ia an article for the two profiles we can refer to:
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-disk-encryption-profile-settings
-Antivirus with behaviour detection, exploit prevention, HIDS
We can refer to Antivirus policy for endpoint security in intune:which needs to intergrate with Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) as a Mobile Threat Defense solution.
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-antivirus-policy
-device control (usb)
Fro device control in Intune, we can refer to the following link:
https://learn.microsoft.com/en-us/windows/security/threat-protection/device-control/control-usb-devices-using-intune#allow-or-block-removable-devices
-WEB control
Protect your enterprise data, we can use Windows Information Protection (WIP) for windows device
https://learn.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip
-VPN for internal resources.
This can be done by dedicated app. Intune can only push some configuration file to them.
In general, Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). You control how your organization’s devices are used, We can know more information about inturn in the following article
https://learn.microsoft.com/en-us/mem/intune/
Hope it can help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.