1 / 27

Using AI to automate Windows and Office update staging with Windows Update for Business

Using AI to automate Windows and Office update staging with Windows Update for Business. Gabe Frost & Craig Marl. BRK2030. During this session we will cover:. A template for delivering thoughtful rollouts How Microsoft implements this template for devices we manage

bentonb
Download Presentation

Using AI to automate Windows and Office update staging with Windows Update for Business

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Using AI to automate Windows and Office update staging with Windows Update for Business Gabe Frost & Craig Marl BRK2030

  2. During this session we will cover: A template for delivering thoughtful rollouts How Microsoft implements this template for devices we manage How you can implement this template for devices you manage

  3. Updating at Scale +13B Security/Quality updates +1B Approaching 700M Active Windows 10 devices Feature updates +250M Version 1803 upgrades in record time 300+ Peaks for updates per second: LCUs: +1,000/second (April 11, 2018) Feature Updates: +112/second (May 22, 2018) Device updates per second

  4. Assess Readiness Pilot • Broadly Deploy A template for delivering thoughtful rollouts Inventory the diversity of hardware & software Early evaluation Develop pilot plan from readiness evaluation Stage rollout to pilot audience Monitor & Learn

  5. How we evolved our rollout methodology Finding balance between safety & velocity No pilot or staging Manual staging Machine Learning AI with Intelligent Pilot Automate ring population with ML – find the best devices with least risk to start rollout. Always re-training ML to minimize risk throughout the rollout. Post-update health signals automatically adapt the pace of rollout. Evaluate Insider readiness before release. Released worldwide after engineering sign-off. Monitor feedback from listening systems: diagnostic data, support call volumes, etc. Intelligent pilot audience selection to optimize coverage with fewest devices. More signal from listening systems; more automation to reduce latency. We learned Insider audience isn’t complete representation. Formed a pilot audience by enabling users to intentionally seek updates. Manual deployment rings to stage the rollout and find early issues.

  6. Machine Learning to predict device update readiness Drivers Pattern Matching Identify what leads to good and bad rollouts E.g. Driver-A and App-G Device Scoring Use ML to predict which devices are ready to update Firmware Apps Hardware . . . Etc.

  7. Device readiness drives rollout 80931 53289 Windows Update Update offering Bandwidth management • Listening Systems • CSS Call Volume • Post-Upgrade Health • App crashes or hangs • Kernel mode crashes • Rollbacks or uninstalls • Dirty shutdowns 32549

  8. Assess Readiness Pilot • Broadly Deploy Applying our template to consumer rollout Insiders & Seekers • Intelligent pilot audience selection Release to World (RTW) Intelligent Rollout

  9. The results +250M successful updates within first 4mo 20% reduction in system stability issues ~3min to complete offline update to 1803(fastest observed)

  10. How do you apply the template in your organization?

  11. Assess Readiness Pilot • Broad Deployment Applying the rollout template Template is designed to help you think through the big questions Is my organization ready? Have I run a pilot to identify any potential issues? Do I have a plan for staging the rollout over time and across my network? Understand and leverage tools available to apply this template Have I enabled analytics? Do I want to maintain on-premise infrastructure? Do I know what locations, departments or users I want to update first? Think beyond Microsoft provided tools, and reflect on your unique listening systems Do I have a channel to monitor help desk call or ticket data? Who are my users that raise early warnings? How do I engage with my software vendors?

  12. Assess Readiness Windows Insider Program for Business Windows & Desktop Analytics Windows Update policies for Business Desktop management software for configuring update policies Pilot Tools available to you Broadly Deploy

  13. Windows and Desktop Analytics Data-driven insights that reduce the cost of deployment, servicing, and support

  14. Managing updates from the cloud Intune Manage device update settings from the Cloud Client controls with Policies • Define Rings & Deadlines • Control Rollout • Notification Optimization • More Insights: Telemetry and metrics • Security and Feature update status • Windows Defender Antivirus status • Update deployment and troubleshooting • Delivery Optimization efficiency • More

  15. Windows Update policies for Business Deployment Rings & Deferrals Automatic Update Behavior Manage Deployment Choose a Release type, e.g. Insider or Semi-annual Group devices into rings based on when to start Quality or Feature Updates using Deferral Days Choose the Deadline for applying an update Set Active Hours Choose how often devices check for updates – Scan Frequency Choose whether device should receive Device Driver updates Pause deployments and choose whether end users can pause an update Rollback to previous revision Set Delivery Optimizations

  16. Create rings using deferrals and deadlines Validation Ring Deferral = 0 days Deadline = 2 days Assess Readiness High engagement users (Insiders) with willingness to report issues Canary Ring Deferral = 14 days Deadline = 7 days Pilot Combination of representative devices, software, users and locations Deployment Rings Deferral = 30 days Deadline = 7 days • Broadly Deploy Broad groups in organization

  17. Deploy Insider build for early readiness assessment GPEDIT Example: Computer Configuration\Administrative Templates\Windows Components\Windows Update\

  18. Configuring device update policies Define rings and releasetypewith Deferral policies Specify deadline and notificationexperiencebefore auto-restart Remediate as necessaryby Pausing rings for up to 35 days

  19. Applying the Rollout Template using Intune Craig Marl

  20. “Soft offers” lead to higher NPS Prompt users to install the update when convenient • Hard deadlines ensure compliance Considerations when setting up rings Set hard deadlines to prevent fragmentation • Delivery Optimization scales your network Leverage Delivery Optimization to minimize bandwidth impacts

  21. Delivery Optimization: Bandwidth management in a cloud-first world Cloud-managed: designed for the cloud era Distributed cache: each device contributes to reduce the overall bandwidth Multitasking: downloading from multiple sources Hybrid: downloads from http and peer sources in parallel Fast and furious: downloads are faster and more reliable

  22. User experience optimization Define endusernotificationexperiences for Quality and Feature Updates Day 0-2 Day 3-9 Day 10+ Auto Restart Period Engaged Restart Period Deadline Reached The device will attempt to reboot outside of active hours The device will prompt the user to schedule a reboot The device will attempt to reboot at next available time

  23. Demo

  24. We’re not done Customer obsession Advance analytics based on your feedback, with bias to actionable insights We know controls and analytics for security patch velocity and compliance are crucial We know network bandwidth management is a top concern We know phased deployments are too hard with cloud management First party is third party Productize the capabilities Microsoft uses internally to deliver rollouts: Intelligent rollouts, compatibility blocks, integration points for your listening systems, etc. Meet you where you are Deliver cloud value that you can adopt at your own pace, using the tools you love

  25. Please evaluate this sessionYour feedback is important to us! Please evaluate this session through MyEvaluations on the mobile appor website. Download the app:https://aka.ms/ignite.mobileApp Go to the website: https://myignite.techcommunity.microsoft.com/evaluations

  26. Thank you!

More Related