Firewalls, Ad-blockers, Web Accelerators, etc

advertisement
Library & Information Technology Association
Firewalls, Ad-blockers, Web
Accelerators, etc.: Helping Remote
Users of Electronic Resources
Overcome Barriers to Access
Presented by David Bickford
Director of University Learning
Resources
University of Phoenix
LITA National Forum
St. Louis, Missouri
October, 2004
PowerPoint Design by Brenda Ellis
Library & Information Technology Association
 Remote access to electronic resources is
becoming the norm for most libraries.
 User concerns about Internet security
continue to grow as broadband connections
proliferate.
 Libraries’ market share depends on how
close they come to being the past of least
resistance.
Library & Information Technology Association
Institutional circumstances lead to 99% of library
database use from off campus. Library Web site
therefore treats all users as remote, even if they
are on campus.
Library & Information Technology Association
Non-traditional students demand convenience
and customer service; they expect resolutions
to access problems.
Library & Information Technology Association
 Library uses a variety of authentication
methods, including both referring URL and
IP address via EZproxy.
 Students provide their own computers and
Internet service, leading to a wide variety of
possible computing environments.
Library & Information Technology Association
 Referring URL – This method is easy to
implement, but many consumer firewall
products strip this information from the http
header.
 Cookies – Some applications block
persistent and/or third-party cookies.
Library & Information Technology Association
 IP Address -- Most institutions use a proxy to
enable off-campus access.
– EZproxy has traditionally used nonstandard port numbers that numerous
workplace firewalls block.
– Traditional Proxies – Browser settings
changes needed for one library can
disrupt access to resources provided by
other libraries.
Library & Information Technology Association
 Also known as “referrer” or “referer.” (Spellings
vary.)
 Involves granting access to a page based on
previous page visited.
 Minimizes traffic on library’s network by handing
user to vendor’s site.
 Can be used directly with some vendors or
indirectly by authenticating access to EZproxy.
 Not appropriate for high-security situations, but
good enough for regulating access to licensed
resources.
Library & Information Technology Association
 Some consumer security applications block this
information by default.
 The intent of blocking is typically to prevent sites
from reading users’ search engine queries.
 Most consumer security applications use cryptic
wording to describe this function: “browser
privacy,” “client connection info,” etc.
 Very few use the “official” terminology.
 Most end-users and many network
administrators are minimally familiar with this
function.
Library & Information Technology Association
 More problematic for workplace users than home
users.
 “Traditional” method (proxy by port number) is
blocked my many workplace networks due to
usage of non-traditional port numbers (2048 and
higher).
 “New” method (proxy by host name) eliminates
problems for the end-user but makes some
campus/municipal IT departments nervous
because of a wildcard in the library’s DNS entry.
Library & Information Technology Association
 “Newer” method refines proxy by host name with
a feature that allows EZproxy to act as its own
mini-DNS server, overcoming the wildcard issue.
 More information at
http://www.usefulutilities.com/support
Library & Information Technology Association
 Involves user adjustments to browser
settings.
 Browser settings persist until changed, even
if user’s access expires.
 Browser settings can cause problems when
multiple users share the same computer.
 Some workplaces may not permit
adjustments to browser settings.
Library & Information Technology Association
 Misunderstood and feared by some end-users.
 Persistent cookies can be useful for maintaining
user preferences and enabling easier return visits
to sites, but some applications block these by
default.
Library & Information Technology Association
 Third-party cookies are not always evil. Some
authentication across domains can trigger third-party
cookies alerts.
 Some consumer security applications block both by
default.
 A frequent cookie clean-up may be a better strategy
than a no-cookie diet.
Library & Information Technology Association
 Some Web-accelerators (e.g. NetZero
HiSpeed) can cause problems with EZproxy
and Internet Explorer.
 Some ad-blockers and pop-up blockers can
block sites that fit into neither category.
Library & Information Technology Association
 Consumer Firewalls:
– Norton Internet Security
– Norton Personal Firewall
– Zone Alarm Pro
– McAfee Internet Security
 Workplace Firewalls:
– Watchguard
Library & Information Technology Association
 Ad Blockers:
– IDecide
– Ad-Subtract
 Web Accelators:
– Netzero High Speed
Library & Information Technology Association
 Tendency to install software at highest
possible settings.
– Some programs default to high settings.
– Some users will choose the highest
setting when presented with a choice.
Library & Information Technology Association
 Tendency to turn off software rather than
making minimally necessary changes.
– Some programs run in the background or
come back after a reboot, even if the
user has turned them off.
– Telling users to turn off protective
programs creates potential liability and
customer relations issues.
Library & Information Technology Association
 Tendency to confuse security and privacy.
– Some users are confused about
terminology (e.g. thinking that cookies
and pop-ups are the same thing).
– Some users have difficulty differentiating
between annoyances (e.g. pop-ups) and
threats (hacker attacks, identity theft,
etc.)
– Some users are confused about causeand-effect (e.g. believing that cookies
alone can cause spam).
Library & Information Technology Association
 Tendency to confuse firewalls with anti-virus
software.
– Most companies that develop one also
develop the other.
– Multipurpose product suites are often
available.
– Some users will waste time adjusting the
wrong program or needlessly turn off
antivirus protection.
Library & Information Technology Association
 Users sometimes occupy two extreme
positions:
– Gullible users tend to turn off all
protection even when such a drastic
course of action is not necessary.
– Militant users resist modifying any
settings and demand to know the
justification for each change made.
Library & Information Technology Association
 Some use excessively vague or technical
terminology.
 Some offer no opportunity for in-depth
resolution of problems.
 Some present a login prompt that users
incorrectly associate with institutional user
names and passwords.
Library & Information Technology Association
Library & Information Technology Association
Library & Information Technology Association
Library & Information Technology Association
 Presenting help pages near the point of
access denial.
 Constructing menus that lead users to
resolution of their own difficulties.
 Pointing links to help pages provided by
software vendors.
 Recommending both basic (easy but broad)
and advanced (harder but narrow)
modifications when possible.
Library & Information Technology Association
 Reassuring skeptical patrons and network
administrators of the Library’s intentions.
 Assigning appropriate personnel to technical
support.
 Partnering with other organizational units for
24/7 technical support.
 Accepting occasional failures.
Library & Information Technology Association
Library & Information Technology Association
Library & Information Technology Association
Library & Information Technology Association
Library & Information Technology Association
Library & Information Technology Association
 Reference librarians are not necessarily good at
technical support.
 Web developers and system administrators are not
necessarily good at technical support.
 Effective technical support personnel combine
technical knowledge, problem-solving skills,
communication skills, and empathy for end-user.
Library & Information Technology Association
 Technical calls can distract reference
personnel and create tension when
questions exceed their expertise.
 With distance education initiatives growing,
many colleges and universities have created
technical support call centers.
Library & Information Technology Association
 Technical support will receive library-related calls
anyway, so why not train them to answer the calls
correctly?
 Beware: Users sometimes confuse technical issues
with research issues.
Library & Information Technology Association
 It is impossible to anticipate every possible
combination of operating system, browser, and
software.
 Some users may be unwilling or unable to provide a
complete description of their computing
environments.
 Some users will be faced with computing
environments outside their control.
 Library personnel have a hard time accepting failure
to resolve patron needs, but must focus on the big
picture.
Library & Information Technology Association
 The situation will get worse before it gets better due
to increasing concerns about Internet security.
 The issues surrounding new authentication
technologies (e.g. Shibboleth) warrant further
examination.
Download