.net Deployment practices to external customers as an IT vendor

Our group will be distributing a .net web site that supports one of our company's products. The end users are companies outside our own, so our group functions as an external IT vendor.

We will be testing and building internally and then delivering an MSI of the final build. I have questions on the best way to deliver a tested product to our customer IT contacts for their internal deployment.

Should we include the test assembly for execution by the MSI?

Should we use the web deployment functionality in Visual Studio, or would Wix or another deployment app be better suited for delivering the initial and, more importantly, the updates?

Because our customers are external, I am investigating whether or not an externally facing site (with the requisite security factors) is possible. It will likely involve some two-factor security mechanism involving a token, x.509 cert, etc. whatever. Does anyone else have a situation like this -- uber-secure internal, external customers -- and how do you deploy in this situation?

Thanks...

I was aware of this new product, but dismissed it as it didn't appear to address my needs. The WebPI seems like an option for *openly* distributed apps and not at all related to my particular situation with privacy and security. What did I miss that allowed my company use WebPI to deploy webapps securely to our external customers?

Kurt Johnson 2009-07-08 16:10:51

@kujotx - Within the blog post that I linked to, Scott Gu states: "Yep - the cool thing is that the packages are MSDeploy based packages (which is now built-into VS10). This means you can easily build packages that can be installed. The contents of the admin tool are driven by RSS - so you can publish your own feed and use that to install them." You'd still need a secure site of your own that would authenticate your customers, but I believe it would be possible to deploy apps with the Web Platform Installer to a limited (secured, authenticated) audience.

CraigTP 2009-07-08 16:58:45

For WebPI, it appears that I would be forced to upload my company's application to a web gallery. That won't work. It looks like internally hosted secure FTP download of an MSI is the front-runner.

Kurt Johnson 2009-07-08 18:08:37

@kujotx - Well the question to which Scott Gu was replying was, "Can I build "internal use only" packages that install with Web Platform Installer?" - This tells me that, whilst you may still need a "web gallery" of sorts, it doesn't need to be publicly accessible (i.e. could be on an intranet or closed extranet rather than the public internet). However, I admit I'm no expert on this new installer product and your suggestion of a secure FTP download of an MSI package sounds perfectly plausible also!

CraigTP 2009-07-08 19:17:00

Can this be achieved: "Theoretically, yes" according to the IIS Group Program Manager on http://forums.iis.net/p/1156364/1908136.aspx#1908136.Later choyer, the WPI Program Manager asked the OP to send their feed attempt to MS to see if they could make it work.So the short answer is that Web PI doesn't do this now, but it might in a future version.

Kurt Johnson 2009-08-20 16:00:07

ansaurus

tags:

views:

answers:

.net Deployment practices to external customers as an IT vendor

related questions