In the bad old days, before specialized update deployment program management, it was the responsibility of the update release manager to deploy their own updates.  And in a sense, things haven't really changed so much from the bad old days, except that they have.  Let me explain.

Believe it or not, getting important hotfixes and service packs into the hands of millions of customers worldwide is a somewhat complicated thing to do.  A recent security update from our team consisted of over 100 unique packages (patch executables), each functionally equivalent (that is, each contained the same logical fix), but each targeting a unique subsection of the .NET Framework ecosystem.  And believe it or not, exactly one of my colleagues was responsible for that update end-to-end.

The fix itself was easy, it was packing and deploying that fix that was complex.  Over 100 unique packages deployed via three versions of Windows Update, one managed network security tool, and the Microsoft Download Center, all with an international focus.  All in all, there were something like 400 unique ways that an arbitrary customer could get this necessary fix.

My colleague worked extraordinarily long hours with many sleepless nights (seriously) to get it out the door as fast as humanly possible before the black hats could do their worst.  That time frame was on the order of six months.

Getting all of that done was a full-time job for my colleague for literally months on end, and these were months after the update packages were already signed-off by everybody else: The bits were golden, my colleague just needed to get them into our customers' hands.  But what makes this story tragic is that it didn't need to be that way.  Most of that deployment work could have been done in parallel with the earlier work, the only reason it wasn't was a resource constraint: my colleague was only one person and the work required could have been more efficiently performed by two.  In this case, two resources instead of one could have literally cut the end-to-end time in half.

Those were the bad old days.  Those days are past.  Today we recognize that much of this deployment work can be done in parallel with other activities.  That's where the update deployment manager role comes in.  It's my job to help streamline the process: Get updates into customers' hands faster by parallelizing the work and specializing in deployment.

In a sense, things haven't changed so much at all.  If the same security issue were felt today, my colleague would still own the issue end-to-end.  What would be different is that my colleague would now have the support of resources dedicated to facilitating the deployment aspects of the update release.  In a nutshell, that's what I do: I do everything that I can day-to-day to make sure that valuable updates are delivered efficiently to exactly the right customers.  It's a complex mission (as I am hoping this blog will help to show), but it is both achievable and necessary.  I definitely feel up to the challenge.

I have a vision statement up on my wall.  It says this:

"Deliver the right updates to the right customers at the right time."

I parse this statement with "the right updates to the right customers" as a single unit: A large part of the complexity of the update deployment space is mapping our update packages to an absolute partition of our client space.  It doesn't do anybody any good (in fact, it can do very bad) if we deliver the right update to the wrong customer.  The right update to the wrong customer is just plain wrong: It will not do.  The wrong update to the right customer is just as bad.

The "right time" part of the vision statement basically means that we expect our updates to be timely.  That can mean that we get a mission-critical security update out the door fast.  It can also mean that we understand our customers' needs and respond in a timely manner when those needs change.

The intention of this blog is to help give the interested public some view into the complexities of servicing Visual Studio and the .NET Framework.  Other blogs exist on the subject, and this blog is by no means official or authoritative.  Rather, this blog represents the personal views of its author where that author is in the unique position of being responsible for the deployment of updates for Visual Studio and the .NET Framework.

I would like this blog to be a forum for appropriate customer feedback on deployments that we have or, for that matter, for those that we do not have.  Our mission is to serve our customers.  If you walk into a restaurant and order a sandwich then you expect that a sandwich will be delivered to you in a timely manner.  You don't expect a taco or a tailor.  If you think that you've ordered a sandwich and I've given you a taco and cuffed hems, I want to know about it.  This blog is intended to be a vehicle through which you (our customers) can communicate directly with me (the update deployment manager for Visual Studio and the .NET Framework).

I also think that there is very real value in articulating complex ideas simply for the sake of articulation.  That is, if nobody ever read this blog, I would still post it.  I believe that the process of articulation alone helps me to consolidate my understanding.  Moreover, there is the added benefit of transparency when customers do read this.  In other words, I expect this blog to be a win-win for myself and for our customers.

In a very real sense, I am the interface between my group (DD.CPX) and our customers.  I don't mean that in the sense that I have a blog while others on my team do not (see the statement above about this blog not being official), but in the sense that I am responsible for getting my group's products (updates for Visual Studio and the .NET Framework) into the hands of our customers.  At worse, I hope that our customers will always know why we've done what we've done.  At best, our customers should feel that they have a voice in the activities of this organization.  Let's get blogging.

My name is Blair Neumann and I am the Microsoft Program Manager in charge of update deployment for the Developer Division Customer Product-lifecycle Experience (DD.CPX) team.  That's a long way of saying that I am the person in charge of getting product updates (service packs and hotfixes) for Visual Studio and the .NET Framework into distribution channels like Windows Update, Microsoft Update, and the Microsoft Download Center.  Okay, that was longer.

I started doing this full-time in August, 2005.  I had been the go-to guy in QA for update deployment issues on the same team for about the year and a half previous.

I love the update deployment space.  I truly believe that every single update that we deliver helps make the internet a better and safer place.

I grew up about a mile from Microsoft main campus and literally watched it grow.  It was always a dream of mine to work here.

Stepping back, I took a bachelor's degree in Psychology before deciding to enter the tech world as the dot-com bubble was still forming.  I did product support for Windows 98 the day that it shipped and later helped test Windows 98 Second Edition and Windows Millennium Edition.  I was away from Microsoft between 2000 and 2003 during which time I helped to develop in-flight email services and went back to school to brush up on my Computer Science fundamentals.  I dropped out of CS graduate school in 2003 (in good standing) to join Microsoft full-time.  The rest of this history can be found above.

Microsoft Installer

See MSI.

MSI

Microsoft Installer; also called Windows Installer. cf.: OCM. Microsoft application installer technology: [More Info]. Installation technology used by all versions of Visual Studio. Also used by all "Redistributable" versions of the .NET Framework.

OCM

Optional Component Manager. cf.: MSI. Microsoft installer technology for operating system components. For example, this is generally the technology used by all components under "Add/Remove Windows Components" in Add/Remove Programs. Installation technology used by the .NET Framework 1.0 on Windows XP Tablet PC Edition and Media Center Edition, and by the .NET Framework 1.1 on 32-bit x86 versions of Windows Server 2003. All other versions of the .NET Framework use MSI on these platforms.

Optional Component Manager

See OCM.

Windows Installer

See MSI.