ClickOnce (a new runtime feature in Whidbey) is designed to solve many of the traditional problems associated with the deployment and maintenance of a .NET client application. It takes away much of the traditional pain of generating installer files and handling different security zones.
How do you use ClickOnce? Well, when you've created your application, you can run the Publish Wizard, which is the primary interface into ClickOnce. The selections you make here determine whether the application is available whilst connected to the network only or also offline, what security settings are required, if a public/private key pair is to be used for signing, and a location for publishing. Visual Studio then publishes the solution to the chosen location including all the shortcuts and configuration files required. By default, applications are set to run in a sandboxed environment (probably the intranet zone, if you've picked a local URL) However, if your application does something unsafe (such as file I/O), then on executing the shortcut it will prompt for permission to grant elevated permissions.
As part of the ClickOnce process, you can choose which prerequisites are necessary (e.g. MDAC, .NET Framework 2.0). When you execute an application, ClickOnce can check for updates: either before the application starts or in the background as the application is running. You can even configure a different update location from the original source and set whether accepting the update is mandatory or not. All these settings are available from a new Publish tab from the project properties.
ClickOnce is not a panacea for all solutions, for example, if you wanted to install a shell extension or install a component into the GAC, you'd need to create a full MSI project (also supported by Visual Studio). But for a "typical" departmental application that is to be deployed via the intranet, it's a great solution.