Confessions of a Microsoft Engineer

It’s perhaps not a well known fact that I work for Microsoft. I don’t believe I hide it that much, but neither do I actively talk about it either, at least not on this blog. But, today I’m going to talk about my real world work.

For the past year, I’ve been part of a small team (2 at minimum, 4 at max, presently 3) of engineers, working on a particular problem. The problem, simply stated is: Can Microsoft provide an ‘authenticated pipe’ that allows anyone with a browser to connect to their corporate assets behind a firewall?

The scenario is simple. You’ve got an iPad or Android device, you’re sitting in a cafe, or at home, and you want to gain access to http://corpnetsite. You want to feel like you’re on your corporate network, without actually being on your corporate network. Furthermore, you want to be able to achieve this freedom without having to turn to your IT department to request a punch through the firewall, or the setup of VPN, because it’s a challenge for the IT department to believe that end users should be able to do such a thing. Most importantly, you want to do this little task without seriously compromising the integrity of your corporate network, and exposing it to the ravishes of the open internet.

Our small team first prototyped, and recently has made freely available, what we call the “Application Gateway”. If you want to check it out, you can go to the Portal Page, and read about it.

What I really want to blog about is how our small team got it done, what tools we used, what processes we followed, how we’re doing the sales/marketing, and the like.  There’s really a lot to talk about.  But, as this is more of a confessional first post, I’ll be brief.

A bit of history (or, short form of my resume).

I have worked at Microsoft for the past 14 years.  I joined the company in 1998 because a colleague of mine (Chris Lovett) told me they were working on this cool thing called XML and that I might be perfect for the team.  I had worked with Chris while he was at Taligent.  My then company, Adamation, had sold some core technology to Taligent, so I was onsite.  So, I helped birth XML, and System.Xml, System.Data, a bunch of data stuff, and ultimately this thing called Xen, which served as a prototype to what is today known as LinQ.  Then I did something completely different, went to India, created the Engineering Excellence team there, lived and worked in Hyderabad for three years, before returning to Redmond, just in time to work on the first service available on this new thing called “Azure”.  That service was ACS (Access Control Service), which is about issuing claims/tokens for controlling things like Office Online, or any other application.

So, last year, I hooked with a long time colleague, and Microsoft Technical Fellow, John Shewchuk, to tackle this particular problem space.  Working for a Technical Fellow at Microsoft is an interesting experience, not for the faint of heart, or the insecure.  John is one of those guys that wonders out loud about a problem, and then says “go build it”.  The “go build it part” is extremely interesting, because at that point, you’re set free to get the job done however you see fit.  Do you need to hire engineers?  Do you need to buy a company, do you need to use technologies not standard to Microsoft?  Whatever you need to do, go do it.

As you might guess from my blog history, I personally spent a lot of time with Lua over the past year.  That was primarily for prototyping various pieces of the puzzle.  We also used node, and node is what we use for various production pieces.  At the same time, we coded up some pieces on Android, and iOS.  The iOS piece, what we call the “Application Gateway Browser” was most interesting because the bits are available in OpenSource form, as well as downloadable from the Apple store.  In fact, the application is free for anyone, and we encourage people to use it, look at the code, change it, etc.  We’re all about the pipe itself, not the end user browser code.

After working on the project for about 9 months, we came to the innevitable place of “yah, this might actually work, we better start thinking about getting the word out”.  If you know anything about Microsoft engineering, you might guess that a team of 3-4 people is not typical.  Big things are usually done by a minimum of about 30 people, and they can take a very long time.  That because in the ‘on premises’ world, where you only get to deploy new bits to customers once every few years, you have to expend an extraordinary amount of energy ensuring you catch as many bugs as possible up front, because the cost of fixing them down the line is so extremely high.  With cloud services though, the world is different.  Finding a bug, creating a fix, and deploying it, can occur in a matter of hours, or minutes, so you can run much more lean.  At any rate, here we are at the point where we want to get the word out.

This part of the story is just beginning.  For the moment, we’re allowing ourselves to blog personally, telling our friends and family to kick the tires, and slowly but surely getting the word out.

It’s actually very fun.  I feel about the same as I did when I was running my own company.  Imagine that, a startup hatched within the confines of a mega corporation.  Yes, there is a Santa Claus!

At any rate, this is a bit of a coming out.  In the near future, I’ll probably be posting more on our little project, because it has been quite fun, and we’ve done a lot of what I consider to be interesting tech.

So, if you’re a regular reader here, please do check out our portal at:  and see what it’s all about.  Keep in mind, this is work done by a few engineers, not a highly polished marketing piece.  It’s rough, but it representative our our passion and love for the product we’ve worked on for the past year.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s