I would like Microsoft to consider separating the current managed solution model into two distinct deployment paradigms:

• Managed
• Secured

Today, managed solutions serve multiple purposes at once. They are used both as the standard artifact for controlled downstream deployment and as the mechanism for protecting publisher intellectual property and preventing direct customization. While those protections are important for ISVs and packaged applications, they can be overly restrictive for many enterprise implementation teams who primarily need controlled deployment behavior, versioning, and cleaner ALM patterns, but do not need the full lock-down model. It also creates unnecessary potential for semi-unrecoverable disaster scenarios where a less experienced customer administrator copies a higher environment over development in an attempt to re-baseline.

A "Managed" solution type would support the ALM and deployment benefits teams want in Test and Production environments, while still allowing administrators to revert the solution back to unmanaged if needed under controlled conditions.

Potential characteristics:

• Supports versioned deployment to downstream environments
• Preserves upgrade and patch semantics
• Encourages controlled ALM and cleaner promotion paths
• Allows a supported "revert to unmanaged" operation for customer-owned solutions
• Supports recovery from situations where teams need to resume direct customization or repair solution layering issues
• Designed primarily for enterprise customer implementations, not IP protection

A "Secured" solution type would represent the current managed model for scenarios where publishers need strong protection and immutability.

Potential characteristics:

• Prevents reverting to unmanaged
• Maintains strict protection of publisher logic and assets
• Preserves the existing safeguards needed by ISVs and commercial solution providers
• Keeps the current behavior for packaged applications where protecting implementation details and upgrade integrity is critical