Deprecated: Use of "static" in callables is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Utils/Uuid.php on line 15 Deprecated: Use of "static" in callables is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Utils/Uuid.php on line 15 Deprecated: Use of "static" in callables is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Utils/Uuid.php on line 15 Deprecated: strtr(): Passing null to parameter #1 ($string) of type string is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Utils/Encryption.php on line 8 Deprecated: urlencode(): Passing null to parameter #1 ($string) of type string is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Payload.php on line 202 Blog – Page 22 – SoftwareArchitect.ca

SoftwareArchitect.ca

Blog

How Do Software Architects Make Decisions?
A student asked me a question in my Introduction to Software Architecture course, and I decided to write a bit of a longer answer than usual. So I posted it here. 🙂

How and When Architect decide which technologies to go with?

I would like to know How and When an Architect decides which technology to go with? If he/she is not having in-depth tech knowledge, how to decide if selected technology is capable of catering the need

Well, that is a big question of course. This course went over the role of a software architect at a high level, but a more practical question is how to decide between two or more options when faced with a tough decision.

So let’s look at a scenario with real products, and figure out which we would like to buy.

Scenario: You know you need to buy a piece of software, but how do you choose which piece of software is best?

You have to go and find a marketing solution. You did your research, and the choices are… IBM Marketing Cloud, Oracle Marketing Cloud, Adobe Marketing Cloud, and Salesforce Marketing Cloud. Yes, four massive companies have named their product the same thing.

So how do you choose which one to go with?

Usually, the way companies do this, is come up with their requirements (part of a RFP). They make a list of features that the product they choose must have, and a list of nice to have features, against which products will be judged against.

In my case, I want a marketing cloud that has the following features, must have:
- Rock solid security
- Intelligent folder structure for projects to support all my clients without risk of overlap (multi-tenant)
- Fine control over which users get access to which clients
- Proven ability to send high volume of emails
- Detailed and reliable reporting and tracking features
- Email automations, funnels
- Schedule emails
- Pre-stored templates
- Customer support by the vendor
- Cost per user
My nice-to-have features are the following:
- Can host standalone web pages
- Support multiple languages for the same email
- Handle unsubscribes with customizable pages
- Future roadmap
So you make your lists of features that you’d like to see.

Now for each application, you need to “grade” the application on a score of 1-10 against each of the features.

On a scale of 1-10, how great is the security? Does it integrate with your Active Directory? Can you block IP address ranges? Does is do threat detection and ensure to raise an alert if hackers attempt to get in?

Some applications only do the basics, while others have security features you haven’t even thought of.

You go down the list, and evaluate the software on each feature. If an application doesn’t support something on your must-have list, that’s a big problem. A 0, and possible elimination from contention unless you’re willing to modify your requirements.

Now add up the scores under the must-haves and nice-to-haves.

There will be applications that have a low score compared to the others, and that puts them at the bottom of the list. There will be applications have have a high score compared to others, and that puts them at the top. Easy enough, right?

Now how do you choose between two applications where the scores are similar?

Well if they meet the requirements, and the price is within your budget, it might just come down to picking the one you feel will suit you best. Which one had sales teams that replied to your questions the fastest? Which one has the best reputation for support online? Do you already have this company’s other products in your organization?

There’s no perfect solution. Every architect has experienced the case where you start down the path of choosing one vendor, and then you learn that they don’t support something basic. Or things don’t got as easily as you planned. Such is life sometimes.

But if you start with your requirements, and grading applications based on your requirements, you’ll have “the facts” in front of you on which you can make a decision.
April 20, 2018
Four Benefits to Getting Azure Certified

For the next couple of weeks, I’m visiting my in-laws in South America. As nice as it is to travel, I also find myself with the laptop open at 8 PM, and thought I would write this little post on a common question I sometimes get.

There are people on both sides of the debate on whether it’s worth it to get certified, in any technical field. On the one hand, it’s provable skills and experience that matters most when applying for jobs, and someone who got their skills from a book but have not actually performed the tasks cannot be viewed as equal to someone who has spent years in the field, gaining their skills through trial and error. There is no equivalent to discovering a strange behavior in a technical system, and tearing it apart to find out the error and fix the bug.

But even the person who’s spent years in the field might find it challenging to pass a certification test on those skills. Because often in our jobs, we only get to see such a limited view of the way things are done. We could work for years on Virtual Machines and Virtual Networks, and never have touched a Web App.

So the first benefit to certification is it forces you to be exposed to all features of a system. Microsoft Azure in particular has 100+ cloud services, and it is all but guaranteed that studying for the exam will teach you about areas of Azure that you have not really been exposed to.

The other challenge with having all of your knowledge from in-field experience is that you are not learning the best practices for working with the system. You might be inadvertently leaving open security holes, or adding unnecessary cost to the solution, simply because you did not know about a security setting or a method for scaling. You can both make your work life easier, as well as improving the overall quality of the system, by being forced to study for certification and read about the “Microsoft Way” for designing solutions. That’s the second benefit to certification.

Sometimes we do not have the opportunity to work in an area through our normal daily jobs. It’s a chicken and the egg problem. You will not get assigned to projects that work in the cloud because you don’t have any previous knowledge of how cloud systems work. But you can’t get that knowledge, because you do not get assigned to those projects.

Certification can bridge that gap. It can serve as an important signal to your company that you are trainable on these technologies and already possess a good baseline of knowledge when coming into a project. It signals that you will not be asking “what’s a subnet?” on your first day on the project, and will not be slowing the project down. The third benefit to certification is that it serves as a good substitute to a few months of actual experience, which you can then supplement with actual experience quickly when joining a relevant project.

Finally, talking about signals, certification is the proof of the claim that you are the type of person who loves to learn new things. Within any enterprise, there are some (thankfully, usually a minor number of) employees who just want to hang on to the applications that they are used to, and resist being exposed to new languages and technologies. You can say in a job interview that you love to learn new things. But you know what actually proves that you love to learn new things? Evidence that you take training courses on your own free time, and get certified. Having Azure, AWS, and other certificates on your resume is the ultimate proof that you’re the type of employee they want on their team. A self-starter. A seeker of knowledge. Not just someone who learns by doing, but supplements that knowledge with the official documentation and other training programs. That’s the fourth benefit.

So hopefully you can see that, in 2018, certification is still a great way to grow your skills and show your skills. Instead of being a relic of the past, in fact it’s the way of the future. True, you do not see many jobs that state “Azure certification required”, but having that on your resume will get you more interviews than if it was not on your resume. And makes a good talking point during the interview itself when asked “have you ever worked with technology X?”

March 13, 2018
Free Azure Guide to Setting Up Linux VMs

November 10, 2017
17 Small Projects That Can Teach You Microsoft Azure

November 6, 2017
Become Azure Certified Through Udemy for Business

Hundreds of companies provide their employees access to Udemy as part of their employee training benefits. Is yours one?

If so, you already have access to my Enterprise Architecture and Microsoft Azure courses for free!

All you need to do is log in to your company’s Udemy portal, and search for TOGAF or Azure using Udemy’s search tool. You’ll be shown a selection of my courses where you can sign up at no cost to you – since your employer already pays to be part of that program.

But clicking the “sign up” button doesn’t teach you the skill. (We’re not in The Matrix yet. “I know Kung Fu.”)You will need to watch the videos and practice the skills, and this can be done a little at a time. Perhaps the smartest thing you can do is book yourself a meeting in your Office calendar every week where nobody else is able to reserve that time away from you. Whether it’s 30 minutes, or an hour, or more. Book yourself a meeting, and devote that time to taking some training such as my Azure courses that will help you attain the certification that can advance your skills and advance your career.Over 1,000 companies have this as a company benefit, and yours might be one of them. So check with HR on what training platforms you have available.And if you don’t see my courses on the training platform you have (whatever it is), do me a favor and ask that training platform to get in touch with me and get my courses there.Scott

October 26, 2017
October 2017 Changes to 70-534 Azure Architecture Exam
Further information is being released about upcoming changes to the 70-534 Architecting Microsoft Azure Solutions exam.

First, if you don’t know, Microsoft announced that the exam will be retiring as of December 31, 2017. A new exam, 70-535 Architecting Microsoft Azure Solutions, will be the replacement.

Now new details have been released. The new exam will be available as of November 30, 2017. You will no longer be able to register for the 70-534 exam after that date.

Microsoft assures architects that the 70-535 will be considered a direct replacement for 70-534, so any certifications earned with 70-534 will still be considered valid going forward. You do not need to take exam 70-535 if you’ve already passed 70-534.

They also provided a preliminary syllabus for the exam. Let’s look at what stands out to me.

First, similar to the 70-532 and 70-533 exams, some new areas have been added to the exam:
- Containers
- Web apps on Linux
- Data Catalog, Azure Data Factory, SQL Data Warehouse, Azure Data Lake
- SQL Server Stretch Database
- Azure Database for MySQL and Azure Database for PostgreSQL
- Time Series Insights
- CosmosDB
- Network Virtual Appliances
- DMZ
- Multi-Factor Authentication (MFA)
- Azure AD Domain Services
- Azure Key Vault
- Azure AD Managed Service Identity
- Azure AD Privileged Identity Management
- Artificial Intelligence Services such as Cognitive Services, Bot Service and Machine Learning
- More IoT
- Event Grid
- Azure Media Services added back in after being removed a year ago
- Network Watcher Service
These are just the things that catch my eye as being added to the exam that were not on the last version of the exam.

Has anything been removed from the exam?

Well there is no mention of:
- Hyper-V
- SAML
- Azure SQL Database TDE
Not much has been removed.

So as it stands right now, if you plan to take the Azure Architecture exam before the end of the year, you should probably just go ahead and do that. Waiting until the new exam is live, and study materials are updated, might not be worth it for you.

If taking the Azure Architecture exam is probably something that you’ll take early next year, I might wait to see how it plays out. There’s a few new things that need to be added to the course, and we haven’t heard yet from anyone who has seen the new exam.
October 8, 2017
70-535 Architecting Microsoft Azure Solutions

That is not a typo. Microsoft just introduced a new Architecture exam code, 70-535. It will replace the 70-534 Architecting Microsoft Azure Solutions exam in “late November/early December 2017”. There is absolutely no details on the syllabus yet, although one has to expect it will be similar to the existing exam syllabus because the platform hasn’t changed that much. Most likely, they just want to completely reorganize the course into new sections and topics.

Stay tuned here at SoftwareArchitect.ca for the latest information on this exam as it’s released. If you’re a student of mine in 70-534, you’ll also be notified of new content for the course (or a renaming of the course) in the regular announcement process.

[thrive_leads id=’6447′]

October 6, 2017
Another Engineer Blamed for Poor Process

Back in March, I wrote about the poor Amazon engineer who accidentally brought down a portion of the Internet by removing a larger than expected number of servers from operation in AWS S3. That made for a bad day.

Well it seems that something else happened in March, around the same time. Another engineer at a different company failed to do something, which would cause him to have a bad month a few months later.

We’ve all heard that Equifax got hacked this summer, exposing the most detailed personal information of almost every American (140 million, which is almost every adult who interacts with the financial system in some way). I was personally furious when I heard about it, and some are calling it the most serious hacking incident ever.

It’s debatable, since Yahoo confirmed yesterday that hackers stole the emails and encrypted password of 3 billion accounts 4 years ago. But certainly, getting email addresses is less valuable than credit details and social security numbers.

The other thing about Equifax is that these are not user accounts, but people who have no direct relationship with Equifax. These 140 million people are the product, not the customers.

But we can all agree that Equifax was a huge hack.

Yesterday, the CEO submitted written testimony to congress that says the following.

On March 9, Equifax disseminated the U.S. CERT notification internally by email
requesting that applicable personnel responsible for an Apache Struts installation upgrade their
software. Consistent with Equifax’s patching policy, the Equifax security department required
that patching occur within a 48 hour time period. We now know that the vulnerable version of
Apache Struts within Equifax was not identified or patched in response to the internal March 9
notification to information technology personnel.

Further detail was provided during his testimony.

The human error was that the individual who’s responsible for communicating in the organization to apply the patch, did not.

So to Equifax, the breach comes down to an individual who’s job it was to patch systems when notified of security vulnerabilities who did not patch it.

To me, a company that has such precious data (such as a bank or credit reporting agency) should have more robust security processes to ensure a single missed patch doesn’t get overlooked.

And why was it so easy for the “online dispute website” to get access to the full database of consumers and credit info?

October 4, 2017
October 2017 Changes to 70-533 Azure Infrastructure Exam
Last year in October, Microsoft announced some sweeping changes to it’s exams.

And this year, they did it again. At the MS Ignite conference, they announced changes to the requirements for two exams – 70-532 Azure Developer and 70-533 Azure Infrastructure. Let’s look at the 70-533 changes with this post. I reviewed the 70-532 changes here.

The changes are slated to take effect on October 12, 2017. They are posted to the US website only, and so there’s no official word as to how this will be rolled out internationally.

Things removed from the 70-533 exam:
- Storage objective – SQL Databases
Things added to the 70-533 exam:
- App Service objective – App service environment (ASE)
- App Service objective – deployment methods such as Git and FTP
- App Service objective – App service backups
- App Service objective – Authentication and authorization for app service apps
- Virtual Machine objective – configure fault domains and update domains
- Virtual Machine objective – Azure Container Services (ACS), Docker, DC/OS, Swarm, or Kubernetes, Azure Container Registry
- Storage objective – manage SMB file storage
- Storage objective – Azure Key Vault
- Storage objective – Azure Storage Service Encryption (SSE)
- Storage objective – Encryption and RBAC for Azure Data Lake Store
- Network objective – VNet peering
- Network objective – Puppet or Chef to configure networking
- ARM Templates – count loops and marketplace items
- New objective Security and Recovery objective – Azure Key Vault, SSL task automation, Azure Security Center, Single-Signon SaaS, Manage access to a SaaS app, federation, public identity providers
- New objective Security and Recovery objective – Backup vault, backup agent, snapshots, geo-replication for recovery, DR as a service
- New objective Azure Operations objective – Powershell runbooks, Azure Automation
- New objective Azure Operations objective – Analyze data across multiple systems, custom visualizations, data across multiple subscriptions, flexible search queries, monitor system updates and malware status, track server configuration changes with Azure Log Analytics
- Identity objective – Azure AD Connect Health
- Identity objective – Azure AD Domain Services
- Identity objective – MFA
And finally, the number and weightings for each of the objectives have shifted.

There used to be six objectives and now there are eight. Microsoft shuffled some things around, so that topics that used to fall under one objective now were moved to another.
- Azure App Services was 15-20%, now 10-15% (down 5%)
- Virtual Machines remains 20-25%
- Storage was 20-25%, now 10-15% (down 10%)
- Virtual Networks was 10-15%, now 15-20% (down 5%)
- ARM Templates remains 10-15%
- Azure Security and Recovery (new) 25-30%
- Azure Operations (new) 5-10%
- Azure Identities was 15-20%, now 5-10% (down 10%)
It’s hard to judge, since they moved things around a bit. But virtual machines, virtual networks, and security are the top 3. Storage and Active Directory (identity) fell the most.

[thrive_leads id=’6447′]
October 3, 2017
October 2017 Changes to 70-532 Azure Developer Exam
Last year in October, Microsoft announced some sweeping changes to it’s exams.

And this year, they did it again. At the MS Ignite conference, they announced changes to the requirements for two exams – 70-532 Azure Developer and 70-533 Azure Infrastructure. Let’s look at the 70-532 changes with this post.

The changes are slated to take effect on October 12, 2017. They are posted to the US website only, and so there’s no official word as to how this will be rolled out internationally.

Things removed from the 70-532 exam:
- Virtual Machines objective – Configure ARM VM Networking
- Manage Identity objective – Hybrid connections, Site to Site VPN and ExpressRoute
- References to DocumentDB
Things added to the 70-532 exam:
- Virtual Machines objective – Azure Disk Encryption
- Virtual Machines objective – DevTest Labs
- Azure Storage objective – connecting to Azure Files, shard large data-sets, blob leasing
- Azure Storage objective – implement Cosmos DB Table API
- Azure Storage objective – choose between Azure Tables and Cosmos DB Table API
- Azure Storage objective – Cosmos DB, all aspects
- Azure Storage objective – Redis caching for ASP.NET sessions
- Manage Identity objective – MFA and MFA API
- Manage Identity objective – determine when to use event hubs, service bus, IoT Hub, Stream Analytics and Notification Hubs
- Manage Identity objective – Azure Key Vault
- Azure Compute objective – goes deeper into Functions
- Azure Compute objective – Third Party Platform as a Service (PaaS), Cloud Foundry, OpenShift, Azure Quickstart Templates, Azure Marketplace Solutions
- Azure Compute objective – DevOps, Application Insights, Continuous Integration, Continuous Development, third-party deployment tools, mobile DevOps using HockeyApp
And finally, the weightings for each of the objectives have shifted.
- Virtual Machines, was 30-35%, now 20-25% (down 10%)
- Storage, remains 25-30%
- Identity, was 15-20%, now 10-15% (down 5%)
- Azure Compute, was 25-30%, now 35-40% (up 10%)
So you can see where Microsoft’s priorities for this exam are.

[thrive_leads id=’6447′]
October 3, 2017