Library & Information Technology Association Firewalls, Ad-blockers, Web Accelerators, etc.: Helping Remote Users of Electronic Resources Overcome Barriers to Access Presented by David Bickford Director of University Learning Resources University of Phoenix LITA National Forum St. Louis, Missouri October, 2004 PowerPoint Design by Brenda Ellis Library & Information Technology Association Remote access to electronic resources is becoming the norm for most libraries. User concerns about Internet security continue to grow as broadband connections proliferate. Libraries’ market share depends on how close they come to being the past of least resistance. Library & Information Technology Association Institutional circumstances lead to 99% of library database use from off campus. Library Web site therefore treats all users as remote, even if they are on campus. Library & Information Technology Association Non-traditional students demand convenience and customer service; they expect resolutions to access problems. Library & Information Technology Association Library uses a variety of authentication methods, including both referring URL and IP address via EZproxy. Students provide their own computers and Internet service, leading to a wide variety of possible computing environments. Library & Information Technology Association Referring URL – This method is easy to implement, but many consumer firewall products strip this information from the http header. Cookies – Some applications block persistent and/or third-party cookies. Library & Information Technology Association IP Address -- Most institutions use a proxy to enable off-campus access. – EZproxy has traditionally used nonstandard port numbers that numerous workplace firewalls block. – Traditional Proxies – Browser settings changes needed for one library can disrupt access to resources provided by other libraries. Library & Information Technology Association Also known as “referrer” or “referer.” (Spellings vary.) Involves granting access to a page based on previous page visited. Minimizes traffic on library’s network by handing user to vendor’s site. Can be used directly with some vendors or indirectly by authenticating access to EZproxy. Not appropriate for high-security situations, but good enough for regulating access to licensed resources. Library & Information Technology Association Some consumer security applications block this information by default. The intent of blocking is typically to prevent sites from reading users’ search engine queries. Most consumer security applications use cryptic wording to describe this function: “browser privacy,” “client connection info,” etc. Very few use the “official” terminology. Most end-users and many network administrators are minimally familiar with this function. Library & Information Technology Association More problematic for workplace users than home users. “Traditional” method (proxy by port number) is blocked my many workplace networks due to usage of non-traditional port numbers (2048 and higher). “New” method (proxy by host name) eliminates problems for the end-user but makes some campus/municipal IT departments nervous because of a wildcard in the library’s DNS entry. Library & Information Technology Association “Newer” method refines proxy by host name with a feature that allows EZproxy to act as its own mini-DNS server, overcoming the wildcard issue. More information at http://www.usefulutilities.com/support Library & Information Technology Association Involves user adjustments to browser settings. Browser settings persist until changed, even if user’s access expires. Browser settings can cause problems when multiple users share the same computer. Some workplaces may not permit adjustments to browser settings. Library & Information Technology Association Misunderstood and feared by some end-users. Persistent cookies can be useful for maintaining user preferences and enabling easier return visits to sites, but some applications block these by default. Library & Information Technology Association Third-party cookies are not always evil. Some authentication across domains can trigger third-party cookies alerts. Some consumer security applications block both by default. A frequent cookie clean-up may be a better strategy than a no-cookie diet. Library & Information Technology Association Some Web-accelerators (e.g. NetZero HiSpeed) can cause problems with EZproxy and Internet Explorer. Some ad-blockers and pop-up blockers can block sites that fit into neither category. Library & Information Technology Association Consumer Firewalls: – Norton Internet Security – Norton Personal Firewall – Zone Alarm Pro – McAfee Internet Security Workplace Firewalls: – Watchguard Library & Information Technology Association Ad Blockers: – IDecide – Ad-Subtract Web Accelators: – Netzero High Speed Library & Information Technology Association Tendency to install software at highest possible settings. – Some programs default to high settings. – Some users will choose the highest setting when presented with a choice. Library & Information Technology Association Tendency to turn off software rather than making minimally necessary changes. – Some programs run in the background or come back after a reboot, even if the user has turned them off. – Telling users to turn off protective programs creates potential liability and customer relations issues. Library & Information Technology Association Tendency to confuse security and privacy. – Some users are confused about terminology (e.g. thinking that cookies and pop-ups are the same thing). – Some users have difficulty differentiating between annoyances (e.g. pop-ups) and threats (hacker attacks, identity theft, etc.) – Some users are confused about causeand-effect (e.g. believing that cookies alone can cause spam). Library & Information Technology Association Tendency to confuse firewalls with anti-virus software. – Most companies that develop one also develop the other. – Multipurpose product suites are often available. – Some users will waste time adjusting the wrong program or needlessly turn off antivirus protection. Library & Information Technology Association Users sometimes occupy two extreme positions: – Gullible users tend to turn off all protection even when such a drastic course of action is not necessary. – Militant users resist modifying any settings and demand to know the justification for each change made. Library & Information Technology Association Some use excessively vague or technical terminology. Some offer no opportunity for in-depth resolution of problems. Some present a login prompt that users incorrectly associate with institutional user names and passwords. Library & Information Technology Association Library & Information Technology Association Library & Information Technology Association Library & Information Technology Association Presenting help pages near the point of access denial. Constructing menus that lead users to resolution of their own difficulties. Pointing links to help pages provided by software vendors. Recommending both basic (easy but broad) and advanced (harder but narrow) modifications when possible. Library & Information Technology Association Reassuring skeptical patrons and network administrators of the Library’s intentions. Assigning appropriate personnel to technical support. Partnering with other organizational units for 24/7 technical support. Accepting occasional failures. Library & Information Technology Association Library & Information Technology Association Library & Information Technology Association Library & Information Technology Association Library & Information Technology Association Library & Information Technology Association Reference librarians are not necessarily good at technical support. Web developers and system administrators are not necessarily good at technical support. Effective technical support personnel combine technical knowledge, problem-solving skills, communication skills, and empathy for end-user. Library & Information Technology Association Technical calls can distract reference personnel and create tension when questions exceed their expertise. With distance education initiatives growing, many colleges and universities have created technical support call centers. Library & Information Technology Association Technical support will receive library-related calls anyway, so why not train them to answer the calls correctly? Beware: Users sometimes confuse technical issues with research issues. Library & Information Technology Association It is impossible to anticipate every possible combination of operating system, browser, and software. Some users may be unwilling or unable to provide a complete description of their computing environments. Some users will be faced with computing environments outside their control. Library personnel have a hard time accepting failure to resolve patron needs, but must focus on the big picture. Library & Information Technology Association The situation will get worse before it gets better due to increasing concerns about Internet security. The issues surrounding new authentication technologies (e.g. Shibboleth) warrant further examination.