Title: Firewalls, Ad-blockers, Web Accelerators, etc.: Helping Remote Users of Electronic Resources Overcome Barriers to Access
1Firewalls, Ad-blockers, Web Accelerators, etc.
Helping Remote Users of Electronic Resources
Overcome Barriers to Access
OFF-CAMPUS LIBRARY SERVICES CONFERENCE
- Presented by David Bickford
- Dean of University Learning Resources
University Librarian - University of Phoenix
- Off-Campus Library Services Conference
- Savannah, Georgia
- April, 2006
- PowerPoint Design by Brenda Ellis
2OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Importance of Topic
- Remote access to electronic resources is becoming
the norm for most libraries. - User concerns about Internet security continue to
grow as broadband connections proliferate. - Libraries market share depends on how close they
come to being the path of least resistance.
3OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Presenters Experience with Topic
- Institutional circumstances lead to 99 of
library database use from off campus. Library
websites therefore treat all users as remote,
even if they are on campus. - The University Library serves approximately
- 300,000 students
- 170 campuses and learning centers
4OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Presenters Experience with Topic
Non-traditional students demand convenience and
customer service they expect resolutions to
access problems.
5OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Presenters Experience with Topic
- Library uses a variety of authentication methods,
including both referring URL and IP address via
EZproxy. - Students provide their own computers and Internet
service, leading to a wide variety of possible
computing environments. - Students often obtain access from their
workplaces, leaving them at the mercy of their
employers network administrators.
6OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Authentication Methods and their Vulnerabilities
- Referring URL This method is easy to implement,
but many consumer firewall products strip this
information from the http header. - Cookies Some applications block persistent
and/or third-party cookies.
7OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Authentication Methods and their Vulnerabilities
- IP Address -- Most institutions use a proxy to
enable off-campus access. - EZproxy has traditionally used non-standard port
numbers that numerous workplace firewalls block. - Traditional Proxies Browser settings changes
needed for one library can disrupt access to
resources provided by other libraries.
8OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Referring URL
- Also known as referrer or referer. (Spellings
vary.) - Involves granting access to a page based on
previous page visited. - Minimizes traffic on librarys network by handing
user to vendors site. - Can be used directly with some vendors or
indirectly by authenticating access to EZproxy. - Not appropriate for high-security situations, but
good enough for regulating access to licensed
resources.
9OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Referring URL
- Some consumer security applications block this
information by default. - The intent of blocking is typically to prevent
sites from reading users search engine queries. - Most consumer security applications use cryptic
wording to describe this function browser
privacy, client connection info, etc. - Very few use the official terminology.
- Most end-users and many network administrators
are minimally familiar with this function.
10OFF-CAMPUS LIBRARY SERVICES CONFERENCE
IP Address EZproxy
- More problematic for workplace users than home
users. - Traditional method (proxy by port number) is
blocked my many workplace networks due to usage
of non-traditional port numbers (2048 and
higher). - New method (proxy by host name) eliminates
problems for the end-user but makes some
campus/municipal IT departments nervous because
of a wildcard in the librarys DNS entry.
11OFF-CAMPUS LIBRARY SERVICES CONFERENCE
IP Address EZproxy
- Newer method refines proxy by host name with a
feature that allows EZproxy to act as its own
mini-DNS server, overcoming the wildcard issue. - More information at http//www.usefulutilities.com
/support
12OFF-CAMPUS LIBRARY SERVICES CONFERENCE
IP Address Traditional Proxies
- Involves user adjustments to browser settings.
- Browser settings persist until changed, even if
users access expires. - Browser settings can cause problems when
multiple users share the same computer. - Some workplaces may not permit adjustments to
browser settings.
13OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Cookies
- Misunderstood and feared by some end-users.
- Persistent cookies can be useful for maintaining
user preferences and enabling easier return
visits to sites, but some applications block
these by default.
14OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Cookies
- Third-party cookies are not always evil. Some
authentication across domains can trigger
third-party cookies alerts. - Some consumer security applications block both by
default. - A frequent cookie clean-up may be a better
strategy than a no-cookie diet.
15OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Additional Considerations
- Some Web-accelerators (e.g. NetZero HiSpeed) can
cause problems with EZproxy and Internet
Explorer. - Some ad-blockers and pop-up blockers can block
sites that fit into neither category.
16OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Software Known to Cause Remote Access Problems
- Consumer Firewalls
- Norton Internet Security
- Norton Personal Firewall
- Zone Alarm Pro
- McAfee Internet Security
- Workplace Firewalls
- Watchguard
17OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Software Known to Cause Remote Access Problems
- Ad Blockers
- AdSubtract
- Web Accelerators
- Netzero High Speed
18OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Additional Complications From User Behavior
- Tendency to install software at highest possible
settings. - Some programs default to high settings.
- Some users will choose the highest setting when
presented with a choice.
19OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Additional Complications From User Behavior
- Tendency to turn off software rather than making
minimally necessary changes. - Some programs run in the background or come back
after a reboot, even if the user has turned them
off. - Telling users to turn off protective programs
creates potential liability and customer
relations issues.
20OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Additional Complications From User Behavior
- Tendency to confuse security and privacy.
- Some users are confused about terminology (e.g.
thinking that cookies and pop-ups are the same
thing). - Some users have difficulty differentiating
between annoyances (e.g. pop-ups) and threats
(hacker attacks, identity theft, etc.) - Some users are confused about cause-and-effect
(e.g. believing that cookies alone can cause
spam).
21OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Additional Complications From User Behavior
- Tendency to confuse firewalls with anti-virus
software. - Most companies that develop one also develop the
other. - Multipurpose product suites are often available.
- Some users will waste time adjusting the wrong
program or needlessly turn off antivirus
protection.
22OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Additional Complications From User Behavior
- Users sometimes occupy two extreme positions
- Gullible users tend to turn off all protection
even when such a drastic course of action is not
necessary. - Militant users resist modifying any settings and
demand to know the justification for each change
made.
23OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Additional Complications From User Behavior
- Users with technical knowledge (real or imagined)
- May overwhelm library staff with techno-babble
that ignores real issue. - May be more interested in second-guessing Web
design and programming than in solving their own
problems.
24OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Special Considerations for Workplace Library
Users
- Users may not have the ability to download and
install needed software. - Workplaces may be subject to externally imposed
security constraints - credit card processors
- Sarbanes-Oxley
- government contracts
25OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Special Considerations for Workplace Library
Users
- Users may be violating acceptable use policies by
doing school research from workplace machines. - Users may face bureaucratic obstacles in reaching
appropriate personnel. - Some IT security functions are outsourced, making
changes harder to implement.
26OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Vendor Error Messages Tend to be Cryptic
- Some use excessively vague or technical
terminology. - Some offer no opportunity for in-depth resolution
of problems. - Some present a login prompt that users
incorrectly associate with institutional user
names and passwords.
27OFF-CAMPUS LIBRARY SERVICES CONFERENCE
What Does This Mean to the Average User?
28OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Or This?
29OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Vendor Troubleshooting Strategies Sometimes Do
More Harm Than Good
- Vendor tech support staff routinely ask for
users IP address and assume they must add it if
not on file. - This often makes the problem worse because it may
enable access for one user while delaying
diagnosis of the underlying problem. - Only the most sophisticated vendors really
understand remote access.
30OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Vendors May Impose Additional Challenges
- Use of plug-ins to view content sets the bar
higher for novice users. - Workplace users may not be able to install
plug-ins. - Some terms such as Active X spook network
administrators even if the usage is benign. - Some vendors may contradict one another in terms
of software version demands.
31OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Can Your Workplace Users Install This Software?
32OFF-CAMPUS LIBRARY SERVICES CONFERENCE
How About This Software?
33OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Vendors May Impose Additional Challenges
- Vendors increasingly push search toolbars and
desktop search icons. - These seldom work unless the user is either on
the campus network or connected via a traditional
proxy server. - Challenge to vendors Allow subscribing libraries
to customize these tools so that a proxy string
becomes part of the search tool.
34OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Can Your Remote Users Use This feature?
35OFF-CAMPUS LIBRARY SERVICES CONFERENCE
How About This One?
36OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Vendors May Impose Additional Challenges
- Vendors increasingly enable alerts, RSS feeds,
deep links, and other tools that present URLs
directly to the user. - Direct-from-vendor URLs often do not work for
remote users. - Challenge to vendors Allow subscribing libraries
to customize these tools so that a proxy string
becomes part of the URLs presented to end-users.
37OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Could Your Remote Users Make This URL Work?
38OFF-CAMPUS LIBRARY SERVICES CONFERENCE
How About This One?
39OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Email Communications Also Present Issues
- Many vendors allow direct emailing of documents.
- Many libraries use email as part of virtual
reference initiatives. - Many ISPs and Software vendors now provide
anti-spam appliances. - Documents and virtual reference responses often
get stuck in the spam filter.
40OFF-CAMPUS LIBRARY SERVICES CONFERENCE
As a Result, Libraries Are Often Left To Handle
Their Own Technical Support
41OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Strategies For Managing The Technical Support
Burden
- Presenting help pages near the point of access
denial. - Constructing menus that lead users to resolution
of their own difficulties. - Pointing links to help pages provided by software
vendors. - Recommending both basic (easy but broad) and
advanced (harder but narrow) modifications when
possible.
42OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Strategies For Managing The Technical Support
Burden
- Reassuring skeptical patrons and network
administrators of the Librarys intentions. - Assessing information from user Trust but
verify. - Assigning appropriate personnel to technical
support. - Partnering with other organizational units for
24/7 technical support. - Accepting occasional failures.
43OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Present Help Pages Near The Point Of Access
Denial.
44OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Construct Menus That Lead Users To Resolution Of
Their Own Difficulties.
45OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Point Links To Help Pages Provided by Software
vendors.
46OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Recommend Both Basic And Advanced Modifications
When Possible.
47OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Reassure Skeptical Patrons And Network
Administrators Of The Librarys Intentions.
48OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Assessing Information from User Trust But Verify
- Users are not always aware of what programs exist
on their computers. - Some programs are pre-installed others are
installed by spouses, roommates, etc. - Suggested actions
- Ask user to read the list of all programs
installed. - Ask users to check their system trays for unknown
icons.
49OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Assign Technical Support to Appropriate Personnel
- Reference librarians are not necessarily good at
technical support. - Web developers and system administrators are not
necessarily good at technical support. - Effective technical support personnel combine
technical knowledge, problem-solving skills,
communication skills, and empathy for end-user.
50OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Partner With Other Organizational Units for 24/7
Technical Support.
- Technical calls can distract reference personnel
and create tension when questions exceed their
expertise. - With distance education initiatives growing, many
colleges and universities have created technical
support call centers.
51OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Partner With Other Organizational Units for 24/7
Technical Support.
- Technical support will receive library-related
calls anyway, so why not train them to answer the
calls correctly? - Beware Users sometimes confuse technical issues
with research issues. - Beware Vendor-provided technical support can
sometimes do more harm than good.
52OFF-CAMPUS LIBRARY SERVICES CONFERENCE
University of Phoenix Experience April 2004
- Migration of University Library toll-free number
from Library staff to 24/7 Tech Support call
center. - Training of skill group within Tech Support on
library issues. - Reassignment of library staff to course reserves,
document delivery, and other activities requiring
their expertise.
53OFF-CAMPUS LIBRARY SERVICES CONFERENCE
University of Phoenix Experience April 2006
- Tech Support now handling all library telephone
calls over 2,000 per month. - Multilingual support.
- Improved customer service and employee morale.
- Knowledgebase enables continuous flow of
accurate, up-to-date troubleshooting information. - Not perfect, but generally a success story.
54OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Accept Occasional Failures
- It is impossible to anticipate every possible
combination of operating system, browser, and
software. - Some users may be unwilling or unable to provide
a complete description of their computing
environments. - Some users will be faced with computing
environments outside their control. - Library personnel have a hard time accepting
failure to resolve patron needs, but must focus
on the big picture.
55OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Future Trends
- The situation will get worse before it gets
better due to increasing concerns about Internet
security. - New vendor initiatives such as toolbars, desktop
search icons, RSS, etc. may present additional
complications. - The issues surrounding new authentication
technologies (e.g. Shibboleth) warrant further
examination.
56OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing
- Partner with someone near you.
- One person is the user the other is the
librarian. - The user should be persistent and perhaps even
annoying. Dont make it too easy. - Spend 10 minutes outlining ways for librarian to
handle the scenario. - Present the scenario to the group.
57OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 1
- User Student in an IT degree program, likes to
tinker, relies on open source, little
understanding of digital libraries. - Complaint A subscription library resource
requires Internet Explorer and does not support
the students favored alternative browser.
58OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 2
- User Non-traditional student, computer novice,
shares home PC with spouse and children. - Complaint A firewall error message comes up
every time user tries to reach a subscription
database. User is not aware of any firewalls on
machine and is only minimally aware of the
computers working.
59OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 3
- User Security administrator at corporation.
Asked by employee, who is also your user, to
resolve access problem. Minimal awareness of
libraries and their remote access processes. - Complaint Your Ezproxy implementation requires
use of non-standard port numbers. These are
perceived as a security risk.
60OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 4
- User Faculty member who has tried to send direct
links to articles to students. Uses library
resources from office on campus. Minimally
familiar with remote access processes for
students. - Complaint Links that work for the faculty member
are failing for students who are off campus.
61OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 5
- User Non-traditional student who lives at home
with spouse who attends another institution. - Complaint Links from your Web site to
subscription resources are being re-routed to a
login page at the spouses institution.
62OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 6
- User Off-campus student who likes to use
technology for convenience. Eager to try new
tools. - Complaint Student downloaded vendors search
toolbar but the toolbar produces only an
authentication error. Student wants to know why
tool does not work as advertised.
63OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 7
- User Tech-savvy faculty member who likes to use
the latest cool features to enhance courses. - Complaint Faculty member has tried to
incorporate a vendors RSS feed into a course Web
page, but the links to full text fail for
off-campus users.
64OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 8
- User Student with moderate technical skill but
little patience for poor customer service. - Complaint Student has been told to obtain Adobe
Reader Version 7 by one vendor, but told not to
use anything higher than Version 6 by another.
Students wants a consistent recommendation.
65OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 9
- User Parent of young (18-21) student who lives
at home while attending online classes at your
institution. - Complaint Parent is concerned about
recommendation to relax certain firewall
settings. Parent fears student will be vulnerable
to exploitation if firewall is relaxed.
66OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 10
- User University president. Not a heavy library
user, but generally supportive of the library in
the budgeting process. Frequent traveler. - Complaint President likes using a specific
resource and has tried to create a desktop icon
that will work from any location. The desktop
icon works only on the campus network.
67OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 11
- User Campus IT Director. Minimally aware of
library and its processes. - Complaint IT Director wants to install strong
firewall software on each machine issued to
faculty members. Demands to know why
modifications are necessary to ensure access to
library resources.
68OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Role Playing Scenario 12
- User Student who has encountered an access
problem and contacted vendor directly. - Complaint Vendors proposed solution, adding
students IP address to your account, worked only
for one session. Student is now on a different IP
address and the problem has returned.
69OFF-CAMPUS LIBRARY SERVICES CONFERENCE
Conclusion
- Observations from role-playing
- Should we treat all users as remote?
- Questions and comments