swan technology users group€¦ · formed a plan to quickly update affected units at member...
TRANSCRIPT
SWAN Technology Users Group
Thursday, September 19th 10:00 AM
Oak Brook Public LibrarySteven Schlewitt, SWAN Information Technology & Systems Support Manager
1
Meeting Agenda
Introductions
• Downtime Report
System Status Updates
Upcoming SWAN Initiatives
• Patron Self-Registration
• OHM
• Other Prospects
In-House Development Initiatives
• URGENT/11 Vulnerabilities
• SIP2 Sunsetting
Security Corner
• SWAN’s Audit Experience
Microsoft Licensing
SWAN Community Forums
Open Forum Discussions
System Downtime Report (June 1st – September 19th)
WorkFlows/Symphony ServerNo measurable downtime noted for this quarter
System Downtime Report (June 1st – September 19th) Enterprise SaaS Server
Date Approx Time Time Elapsed (Min) System Planned? Library Hours? Reason
6/1/2019 10:00 5 Enterprise No Yes Web services outage following brief Symphony server load spike
6/22/2019 19:10 5 Enterprise No Yes Enterprise service restart due to harvesting error
6/24/2019 19:03 5 Enterprise No Yes Enterprise service restart due to harvesting error
6/28/2019 21:22 5 Enterprise No No Enterprise service restart due to harvesting error
7/1/2019 19:03 5 Enterprise No Yes Enterprise service restart due to harvesting error
7/2/2019 19:14 5 Enterprise No Yes Enterprise service restart due to harvesting error
7/4/2019 19:08 5 Enterprise No Yes Enterprise service restart due to harvesting error
7/6/2019 10:42 5 Enterprise No Yes Web services outage and restart due to search load spike
7/6/2019 19:05 5 Enterprise No Yes Enterprise service restart due to harvesting error
7/8/2019 22:02 5 Enterprise Yes No Enterprise service restart to resolve ongoing harvest errors
7/29/2019 14:28 25 Enterprise No Yes Web services outage and restart due to search load spike
8/1/2019 5:05 10 Enterprise No No Unknown Enterprise outage
8/9/2019 15:43 5 Enterprise No Yes Unknown Enterprise outage
8/13/2019 13:19 5 Enterprise No Yes Web services outage and restart due to search load spike
8/13/2019 14:15 5 Enterprise No Yes Web services outage and restart due to search load spike
8/18/2019 19:33 5 Enterprise No No Unknown Enterprise outage
8/22/2019 20:53 5 Enterprise No Yes Unknown Enterprise outage
8/31/2019 11:57 10 Enterprise No Yes Web services outage and restart due to search load spike
9/9/2019 10:12 5 Enterprise Yes Yes Enterprise service restart to troubleshoot harvest issue
System Downtime Report, June 1st – September 19th
Enterprise OPAC Server
Uptime 99.9%
All Downtime(P/U) < 1%
WorkFlows / Symphony Server
Uptime 100%
All Downtime(P/U) 0%
What does SWAN have in-store?Organization-Wide Initiatives
• Continued Investigation Into BLUEcloud Research & Development
• Continued Work with Clarity Task Force
• Enhanced & Dynamic Curriculum of Training
• Analysis of Holds & Related Symphony Configuration
• Simplified Library Statistics
• Potential NEW LIBRARIES
• Roselle
• Glenside
• Maybe more!
6
User Experience Initiatives
7
• Usability research on Enterprise, BLUEcloud Mobile
• Consortial e-resource purchases
• Mobile-Friendly Enterprise (5.0.1)
• Redesigned Patron Site
Patron Experience
• Usability research on Workflows, staff work processes
• Improvements to SWAN Support Site
• Increased training
• Sharing discovery and e-resource statistics
Staff Experience
Bibliographic Services
Initiatives
Project-X (OHM)
Cataloging Standards
Investigation Into Cataloging Automations
Addition of Acquisitions Libraries
Blu-Ray/DVD Combo Pack Practices Overhaul
Bibliographic Data Cleanup (Control Numbers)
Information Technology Initiatives
9
Security
Revisiting vendor
connections and
agreements
-
Replacement of Sonicwalls
-
Investigation into more
secure methods of
access
-
Improved internal
training and standards
Stability
Disaster recovery tests
-
WorkFlows3.6.2 upgrade
-
Database cleanups for efficiency
Analytics
Trends in tickets and
outages
-
Email and SMS delivery statisti
cs
In-house Development
Project-X (OHM)
-
Online Patron Registration
Auto-Dialer
Replacement
Development Showcase:Patron Email Status Tool
How many libraries have tried the Patron Email Status Tool?
• Check the status of patron email notices with a barcode
• Verify date and time of receipt
• Remove SPAM blocks
10
Development Showcase:Online Patron Registration
Symphony Web Services-based registration form
• Basic duplicate checking
• Address validation
• Immediate access to electronic resources/databases
• Basic eligibility
Options being explored:
Development Showcase:Other Development Projects & Prospects
12
• Holds Management
• Part of a larger project to improve hold processing, boosting the filling of holds through local materials when readily available.
• OHM / Project X
• Future replacement for The Marc of Quality, uses OCLC API’s to compare and update holdings for SWAN and other consortia.
In-Progress
• Web Services-based Self Checkout
• Raspberry Pi OPAC
• “Missing Pieces” materials database
Other Prospects
13
Security Corner:URGENT/11 Exploit (Impacting SonicWalls)• July 29th, security researchers announced the URGENT/11 vulnerabilities in the
VxWorks OS for embedded systems. This software is in widespread use in everything from consumer electronics to medical devices, and even in nuclear plant control systems. The flaws allowed for unauthenticated remote access and control of affected devices. At the same time, SonicWall announced that many of their firewall lines were vulnerable to these flaws.
• SWAN IT assessed the scope of the problem, evaluated the risks associated, and formed a plan to quickly update affected units at member libraries. By Tuesday evening, all SWAN-managed firewalls were patched against the vulnerability.
• If your library manages your own SonicWall, you should update it as soon as possible. If you need assistance in locating the latest firmware, please open a ticket with your SonicWall model and we will provide the update file if we can.
• For more information, please refer to the SonicWall blog post at https://blog.sonicwall.com/en-us/2019/07/wind-river-vxworks-and-urgent-11-patch-now/.
Security Corner:SonicWall End-
of-Life (EOL) Upgrades
14
sonicwall.com/support/product-lifecycle-tables/
• Many SWAN-maintained libraries will require upgrades in the next two years
• Options for replacement:
• Purchase the comparable, SWAN-recommended hardware
• If other supported hardware is in-place, join the SWAN Self-Maintainer Agreement and use that hardware exclusively
Security Corner:Initiative to Identify Security Gaps
15
Documentation of significant risks
Audit of vendor connections, agreements
Audit of WorkFlows configuration, permissions, passwords
Possible outside consultation
How many libraries have sought an external penetration test (ethical hacking)?
16
Security Corner:External Vendor Authentication• SWAN is working to sunset all external SIP2 connections!
• Ideal solutions for external vendor authentication include:• Symphony Web Services
• Capable of providing limited data• Secured by SSL
• OpenAthens• Capable of providing limited data• Secured by SSL• “Proxied” for an extra layer of security from the vendor to Symphony
• TLS-Wrapped SIP2• Uses client to provide end-to-end secured SIP2• Options for natively integration over Symphony (with vendor support)• Or over Stunnel (open source alternative)
• Relates to our process for onboarding new vendors
• Internal SIP2 connectivity would remain unaffected
Microsoft Licensing: The SWAN (Soft) Audit
• December 2018 through May 2019
• Time consuming in correspondence• Quicker resolution possible
• Expected completion dates are ambitious but flexible if requested
• Emails from v-[name]@microsoft.com address
• Soft audits may be optional, but could result in a full audit
• Submit web forms or Excel docs
• Initial forms result in follow-up forms
• Important Takeaways:
• Keep your invoices/receipts and vendor contacts from those purchases• Maintain a reliable reseller to assist
• Maintain an up-to-date asset log
17
User Groups Update: RFID
• Addition of Co-Chair: • Ahren Sievers - Reference Technology Librarian
at the Elmwood Park Public Library
• Driven by roadmap of initiatives (coming soon)• Ex. Standardized request for proposal
(RFP)• Ex. Standardized data model• Ex. Answers to common questions
• Integration with SWAN Community Forums
18
SWAN Community Forums
• forums.swanlibraries.net
• Avenue for continued SWAN Technology User Group Discussion
• By invitation only
• You’ll all be receiving personalized invitations
• Please use the Technology category for discussions
• RFID
• Licensing & Software
• Development
• Security
• Hardware & Peripherals
19
Open Forum Discussion:Agenda Topics
• Who is your preferred reseller and how has your experience been?
Software and Hardware Resellers
• What brands (and models) have you found to work the best?
• Do you use the carriage return option?
Barcode Scanners
UpcomingSWAN Technology Events
Thursday, October 31st 2019 at 10am
Elmwood Park Public Library
https://www.librarylearning.info/events/?eventID=27847
SWAN RFID Committee
Thursday March 26th 2020
Location TBD
SWAN Technology
Users Group
How to Contact Us
• SWAN Support• Email: [email protected]• Phone: 844-SWANLIB (ext. 0)
• Steven Schlewitt, IT & Systems Support Manager• Email: [email protected]• Phone: 630.326.5993
• Ian Nosek, Systems Administrator• Email: [email protected]• Phone: 630.326.5887
• Rudy Host, Systems Engineer• Email: [email protected]• Phone: 630.326.5775
• Michael Szarmach, Systems Administrator• Email: [email protected]• Phone: 630.326.8929
• Vickie Totton, Systems & Support Consultant• Email: [email protected]• Phone: 630.326.8714
• Dave Pacin, Systems Administrator• Email: [email protected]• Phone: 630.326.8360