SWAN Technology Users Group

Thursday, September 19th 10:00 AM

Oak Brook Public LibrarySteven Schlewitt, SWAN Information Technology & Systems Support Manager

1

Meeting Agenda

Introductions

• Downtime Report

System Status Updates

Upcoming SWAN Initiatives

• Patron Self-Registration

• OHM

• Other Prospects

In-House Development Initiatives

• URGENT/11 Vulnerabilities

• SIP2 Sunsetting

Security Corner

• SWAN’s Audit Experience

Microsoft Licensing

SWAN Community Forums

Open Forum Discussions

System Downtime Report (June 1st – September 19th)

WorkFlows/Symphony ServerNo measurable downtime noted for this quarter

System Downtime Report (June 1st – September 19th) Enterprise SaaS Server

Date Approx Time Time Elapsed (Min) System Planned? Library Hours? Reason

6/1/2019 10:00 5 Enterprise No Yes Web services outage following brief Symphony server load spike

6/22/2019 19:10 5 Enterprise No Yes Enterprise service restart due to harvesting error

6/24/2019 19:03 5 Enterprise No Yes Enterprise service restart due to harvesting error

6/28/2019 21:22 5 Enterprise No No Enterprise service restart due to harvesting error

7/1/2019 19:03 5 Enterprise No Yes Enterprise service restart due to harvesting error

7/2/2019 19:14 5 Enterprise No Yes Enterprise service restart due to harvesting error

7/4/2019 19:08 5 Enterprise No Yes Enterprise service restart due to harvesting error

7/6/2019 10:42 5 Enterprise No Yes Web services outage and restart due to search load spike

7/6/2019 19:05 5 Enterprise No Yes Enterprise service restart due to harvesting error

7/8/2019 22:02 5 Enterprise Yes No Enterprise service restart to resolve ongoing harvest errors

7/29/2019 14:28 25 Enterprise No Yes Web services outage and restart due to search load spike

8/1/2019 5:05 10 Enterprise No No Unknown Enterprise outage

8/9/2019 15:43 5 Enterprise No Yes Unknown Enterprise outage

8/13/2019 13:19 5 Enterprise No Yes Web services outage and restart due to search load spike

8/13/2019 14:15 5 Enterprise No Yes Web services outage and restart due to search load spike

8/18/2019 19:33 5 Enterprise No No Unknown Enterprise outage

8/22/2019 20:53 5 Enterprise No Yes Unknown Enterprise outage

8/31/2019 11:57 10 Enterprise No Yes Web services outage and restart due to search load spike

9/9/2019 10:12 5 Enterprise Yes Yes Enterprise service restart to troubleshoot harvest issue

System Downtime Report, June 1st – September 19th

Enterprise OPAC Server

Uptime 99.9%

All Downtime(P/U) < 1%

WorkFlows / Symphony Server

Uptime 100%

All Downtime(P/U) 0%

What does SWAN have in-store?Organization-Wide Initiatives

• Continued Investigation Into BLUEcloud Research & Development

• Continued Work with Clarity Task Force

• Enhanced & Dynamic Curriculum of Training

• Analysis of Holds & Related Symphony Configuration

• Simplified Library Statistics

• Potential NEW LIBRARIES

• Roselle

• Glenside

• Maybe more!

6

User Experience Initiatives

7

• Usability research on Enterprise, BLUEcloud Mobile

• Consortial e-resource purchases

• Mobile-Friendly Enterprise (5.0.1)

• Redesigned Patron Site

Patron Experience

• Usability research on Workflows, staff work processes

• Improvements to SWAN Support Site

• Increased training

• Sharing discovery and e-resource statistics

Staff Experience

Bibliographic Services

Initiatives

Project-X (OHM)

Cataloging Standards

Investigation Into Cataloging Automations

Addition of Acquisitions Libraries

Blu-Ray/DVD Combo Pack Practices Overhaul

Bibliographic Data Cleanup (Control Numbers)

Information Technology Initiatives

9

Security

Revisiting vendor

connections and

agreements

-

Replacement of Sonicwalls

-

Investigation into more

secure methods of

access

-

Improved internal

training and standards

Stability

Disaster recovery tests

-

WorkFlows3.6.2 upgrade

-

Database cleanups for efficiency

Analytics

Trends in tickets and

outages

-

Email and SMS delivery statisti

cs

In-house Development

Project-X (OHM)

-

Online Patron Registration

Auto-Dialer

Replacement

Development Showcase:Patron Email Status Tool

How many libraries have tried the Patron Email Status Tool?

• Check the status of patron email notices with a barcode

• Verify date and time of receipt

• Remove SPAM blocks

10

Development Showcase:Online Patron Registration

Symphony Web Services-based registration form

• Basic duplicate checking

• Address validation

• Immediate access to electronic resources/databases

• Basic eligibility

Options being explored:

Development Showcase:Other Development Projects & Prospects

12

• Holds Management

• Part of a larger project to improve hold processing, boosting the filling of holds through local materials when readily available.

• OHM / Project X

• Future replacement for The Marc of Quality, uses OCLC API’s to compare and update holdings for SWAN and other consortia.

In-Progress

• Web Services-based Self Checkout

• Raspberry Pi OPAC

• “Missing Pieces” materials database

Other Prospects

13

Security Corner:URGENT/11 Exploit (Impacting SonicWalls)• July 29th, security researchers announced the URGENT/11 vulnerabilities in the

VxWorks OS for embedded systems. This software is in widespread use in everything from consumer electronics to medical devices, and even in nuclear plant control systems. The flaws allowed for unauthenticated remote access and control of affected devices. At the same time, SonicWall announced that many of their firewall lines were vulnerable to these flaws.

• SWAN IT assessed the scope of the problem, evaluated the risks associated, and formed a plan to quickly update affected units at member libraries. By Tuesday evening, all SWAN-managed firewalls were patched against the vulnerability.

• If your library manages your own SonicWall, you should update it as soon as possible. If you need assistance in locating the latest firmware, please open a ticket with your SonicWall model and we will provide the update file if we can.

• For more information, please refer to the SonicWall blog post at https://blog.sonicwall.com/en-us/2019/07/wind-river-vxworks-and-urgent-11-patch-now/.

Security Corner:SonicWall End-

of-Life (EOL) Upgrades

14

sonicwall.com/support/product-lifecycle-tables/

• Many SWAN-maintained libraries will require upgrades in the next two years

• Options for replacement:

• Purchase the comparable, SWAN-recommended hardware

• If other supported hardware is in-place, join the SWAN Self-Maintainer Agreement and use that hardware exclusively

Security Corner:Initiative to Identify Security Gaps

15

Documentation of significant risks

Audit of vendor connections, agreements

Audit of WorkFlows configuration, permissions, passwords

Possible outside consultation

How many libraries have sought an external penetration test (ethical hacking)?

16

Security Corner:External Vendor Authentication• SWAN is working to sunset all external SIP2 connections!

• Ideal solutions for external vendor authentication include:• Symphony Web Services

• Capable of providing limited data• Secured by SSL

• OpenAthens• Capable of providing limited data• Secured by SSL• “Proxied” for an extra layer of security from the vendor to Symphony

• TLS-Wrapped SIP2• Uses client to provide end-to-end secured SIP2• Options for natively integration over Symphony (with vendor support)• Or over Stunnel (open source alternative)

• Relates to our process for onboarding new vendors

• Internal SIP2 connectivity would remain unaffected

Microsoft Licensing: The SWAN (Soft) Audit

• December 2018 through May 2019

• Time consuming in correspondence• Quicker resolution possible

• Expected completion dates are ambitious but flexible if requested

• Emails from v-[name]@microsoft.com address

• Soft audits may be optional, but could result in a full audit

• Submit web forms or Excel docs

• Initial forms result in follow-up forms

• Important Takeaways:

• Keep your invoices/receipts and vendor contacts from those purchases• Maintain a reliable reseller to assist

• Maintain an up-to-date asset log

17

User Groups Update: RFID

• Addition of Co-Chair: • Ahren Sievers - Reference Technology Librarian

at the Elmwood Park Public Library

• Driven by roadmap of initiatives (coming soon)• Ex. Standardized request for proposal

(RFP)• Ex. Standardized data model• Ex. Answers to common questions

• Integration with SWAN Community Forums

18

SWAN Community Forums

• forums.swanlibraries.net

• Avenue for continued SWAN Technology User Group Discussion

• By invitation only

• You’ll all be receiving personalized invitations

• Please use the Technology category for discussions

• RFID

• Licensing & Software

• Development

• Security

• Hardware & Peripherals

19

Open Forum Discussion:Agenda Topics

• Who is your preferred reseller and how has your experience been?

Software and Hardware Resellers

• What brands (and models) have you found to work the best?

• Do you use the carriage return option?

Barcode Scanners

UpcomingSWAN Technology Events

Thursday, October 31st 2019 at 10am

Elmwood Park Public Library

https://www.librarylearning.info/events/?eventID=27847

SWAN RFID Committee

Thursday March 26th 2020

Location TBD

SWAN Technology

Users Group

How to Contact Us

• SWAN Support• Email: help@swanlibraries.net• Phone: 844-SWANLIB (ext. 0)

• Steven Schlewitt, IT & Systems Support Manager• Email: steven@swanlibraries.net• Phone: 630.326.5993

• Ian Nosek, Systems Administrator• Email: ian@swanlibraries.net• Phone: 630.326.5887

• Rudy Host, Systems Engineer• Email: rudy@swanlibraries.net• Phone: 630.326.5775

• Michael Szarmach, Systems Administrator• Email: michael@swanlibraries.net• Phone: 630.326.8929

• Vickie Totton, Systems & Support Consultant• Email: vickie@swanlibraries.net• Phone: 630.326.8714

• Dave Pacin, Systems Administrator• Email: dave@swanlibraries.net• Phone: 630.326.8360