Library & Information Technology Association Firewalls, Ad-blockers, Web Accelerators, etc.: Helping Remote Users of Electronic Resources Overcome Barriers

Library & Information Technology Association

Firewalls, Ad-blockers, Web Accelerators, etc.: Helping Remote

Users of Electronic Resources Overcome Barriers to Access

Presented by David BickfordDirector of University Learning

ResourcesUniversity of Phoenix

LITA National ForumSt. Louis, Missouri

October, 2004

PowerPoint Design by Brenda Ellis


Remote access to electronic resources is becoming the norm for most libraries.

User concerns about Internet security continue to grow as broadband connections proliferate.

Libraries’ market share depends on how close they come to being the past of least resistance.

http://www.lita.org/lita

http://www.university-of-phoenix-adult-education.com/index.html


Institutional circumstances lead to 99% of library database use from off campus. Library Web site therefore treats all users as remote, even if they are on campus.




Non-traditional students demand convenience and customer service; they expect resolutions to access problems.




Library uses a variety of authentication methods, including both referring URL and IP address via EZproxy.

Students provide their own computers and Internet service, leading to a wide variety of possible computing environments.




Referring URL – This method is easy to implement, but many consumer firewall products strip this information from the http header.

Cookies – Some applications block persistent and/or third-party cookies.




IP Address -- Most institutions use a proxy to enable off-campus access.

– EZproxy has traditionally used non-standard port numbers that numerous workplace firewalls block.

– Traditional Proxies – Browser settings changes needed for one library can disrupt access to resources provided by other libraries.




Also known as “referrer” or “referer.” (Spellings vary.)

Involves granting access to a page based on previous page visited.

Minimizes traffic on library’s network by handing user to vendor’s site.

Can be used directly with some vendors or indirectly by authenticating access to EZproxy.

Not appropriate for high-security situations, but good enough for regulating access to licensed resources.




Some consumer security applications block this information by default.

The intent of blocking is typically to prevent sites from reading users’ search engine queries.

Most consumer security applications use cryptic wording to describe this function: “browser privacy,” “client connection info,” etc.

Very few use the “official” terminology. Most end-users and many network

administrators are minimally familiar with this function.




More problematic for workplace users than home users.

“Traditional” method (proxy by port number) is blocked my many workplace networks due to usage of non-traditional port numbers (2048 and higher).

“New” method (proxy by host name) eliminates problems for the end-user but makes some campus/municipal IT departments nervous because of a wildcard in the library’s DNS entry.




“Newer” method refines proxy by host name with a feature that allows EZproxy to act as its own mini-DNS server, overcoming the wildcard issue.

More information at http://www.usefulutilities.com/support

http://www.usefulutilities.com/support






Involves user adjustments to browser settings.

Browser settings persist until changed, even if user’s access expires.

Browser settings can cause problems when multiple users share the same computer.

Some workplaces may not permit adjustments to browser settings.




Misunderstood and feared by some end-users. Persistent cookies can be useful for maintaining

user preferences and enabling easier return visits to sites, but some applications block these by default.




Third-party cookies are not always evil. Some authentication across domains can trigger third-party cookies alerts.

Some consumer security applications block both by default.

A frequent cookie clean-up may be a better strategy than a no-cookie diet.




Some Web-accelerators (e.g. NetZero HiSpeed) can cause problems with EZproxy and Internet Explorer.

Some ad-blockers and pop-up blockers can block sites that fit into neither category.




Consumer Firewalls: – Norton Internet Security– Norton Personal Firewall– Zone Alarm Pro– McAfee Internet Security

Workplace Firewalls: – Watchguard




Ad Blockers: – IDecide– Ad-Subtract

Web Accelators: – Netzero High Speed




Tendency to install software at highest possible settings.

– Some programs default to high settings.– Some users will choose the highest

setting when presented with a choice.




Tendency to turn off software rather than making minimally necessary changes.

– Some programs run in the background or come back after a reboot, even if the user has turned them off.

– Telling users to turn off protective programs creates potential liability and customer relations issues.




Tendency to confuse security and privacy.– Some users are confused about

terminology (e.g. thinking that cookies and pop-ups are the same thing).

– Some users have difficulty differentiating between annoyances (e.g. pop-ups) and threats (hacker attacks, identity theft, etc.)

– Some users are confused about cause-and-effect (e.g. believing that cookies alone can cause spam).




Tendency to confuse firewalls with anti-virus software.

– Most companies that develop one also develop the other.

– Multipurpose product suites are often available.

– Some users will waste time adjusting the wrong program or needlessly turn off antivirus protection.




Users sometimes occupy two extreme positions:

– Gullible users tend to turn off all protection even when such a drastic course of action is not necessary.

– Militant users resist modifying any settings and demand to know the justification for each change made.




Some use excessively vague or technical terminology.

Some offer no opportunity for in-depth resolution of problems.

Some present a login prompt that users incorrectly associate with institutional user names and passwords.













Presenting help pages near the point of access denial.

Constructing menus that lead users to resolution of their own difficulties.

Pointing links to help pages provided by software vendors.

Recommending both basic (easy but broad) and advanced (harder but narrow) modifications when possible.




Reassuring skeptical patrons and network administrators of the Library’s intentions.

Assigning appropriate personnel to technical support.

Partnering with other organizational units for 24/7 technical support.

Accepting occasional failures.



















Reference librarians are not necessarily good at technical support.

Web developers and system administrators are not necessarily good at technical support.

Effective technical support personnel combine technical knowledge, problem-solving skills, communication skills, and empathy for end-user.




Technical calls can distract reference personnel and create tension when questions exceed their expertise.

With distance education initiatives growing, many colleges and universities have created technical support call centers.




Technical support will receive library-related calls anyway, so why not train them to answer the calls correctly?

Beware: Users sometimes confuse technical issues with research issues.




It is impossible to anticipate every possible combination of operating system, browser, and software.

Some users may be unwilling or unable to provide a complete description of their computing environments.

Some users will be faced with computing environments outside their control.

Library personnel have a hard time accepting failure to resolve patron needs, but must focus on the big picture.



The situation will get worse before it gets better due to increasing concerns about Internet security.

The issues surrounding new authentication technologies (e.g. Shibboleth) warrant further examination.


Documents

Library & Information Technology Association Firewalls, Ad-blockers, Web Accelerators, etc.: Helping Remote Users of Electronic Resources Overcome Barriers