Best Practices 2014-2015
BEST PRACTICE -1:
I: Title of the Practice: Access to e-resources through Remote Access facility in the Library
Objectives of the Practice: To provide the bona fide users of the university 24/7 access, from anywhere beyond the campus, to all the resources of the university library. Today library users need not come physically to the library to use print format, but can access online library resources and services via networks.
Generally user communities, residing outside the campus or off-campus, are disadvantaged by the inability to access library e-resources in their hours of need. Due to the pressing demand from the users’ communities for off / remote campus access to all the e-resources, library initiated the search for an appropriate off-campus login access solution using SSL VPN software technology. Remote access to e-resources is a best practice for a university library because it offers opportunity for the best use of the e-resources, which is one of the objectives of a modern academic library.
The Context: The library is a knowledge centre wherein all the resources irrespective of print and e-resources are stored. E-resources are the mainstay of any modern library in this information seeking era. The phenomenal growth in the ICT has regulated in the emergence of a set of several new terms like paperless society, e-library, virtual library, gateway, etc. indicating its impact on various fields.
There is a striking effect on the users’ behaviour in information utilization because of improved dissemination of web environments with the development of IT. The library users now request immediate and suitable usage of information across the time and space limit.
The university libraries are now witnessing enormously increased demand from the users’ side for online resources from both within and off the campus. University libraries have passed through various stages from document delivery to direct remote access by the users with the advent of ICT.
Usually in a university library, access to subscribed e-resources is made available on intranet environment which is limited to users residing in the campus. Thus remote access to e- resources among users community wherever they reside is the priority of the library.
The Practice: The Central Library of the Vidyasagar University is designed with state-of-the- art-equipment. At present, the library has four high end servers which are running in the cloud environment using virtualization technology. Through this cloud platform majority of the electronic library services like library web server, database server, remote access server, authentication server, digital library (e-resources repository) server, CD-DVD mirror server etc. are available all the time for access within and beyond the campus. There are more than 7000 full text e-journals, several subscribed e-books and lots of purchased/book accompanied by CD-DVD are available, while through Document Repository Portal other digitized collection such as non-copyrighted books, old question papers, theses and dissertations etc. can be accessed. Different event videos/image-galleries of this university, video lectures and other different types of media files are available through Media Repository Portal. All the infrastructure & resources are maintained by in-house staffs. However, most of our e-journals, e-books, databases and other electronic resources reserve access restriction. At present, the Library provides Remote-Access facility to its digital collections so that library users can access online e-resources and other digital repositories from outside campus by using SSL VPN technology. In this knowledge management arena, the library portal of the Vidyasagar University has been playing a key role in bridging information resources, people, and intellectual properties in the knowledge sharing environment.
A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network, and thus are benefiting from the functionality, security and management policies of the private network. A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunnelling protocols, or traffic encryption. An SSL VPN (Secure Sockets Layer Virtual Private Network) does not require the installation of specialized client software and can be used with a standard Web browser on the end user's computer.
Through this specialized service, users can access e-resources as per the e-resource access policy of Central Library, Vidyasagar University. Any type of systematic download is strictly prohibited. Disciplinary action may be taken for violating any policy/condition or using information received from e-resources for commercial purpose.
Steps to enjoy Remote-Access facility:
- User has to fill up the prescribed Application Form for Remote Access Facility and submit it to the library after having forwarded by the head of the department (except faculty) along with photocopy of Library Membership Card.
- A user account will be created and Username, Password, provided to the user.
- Users have to open Library website (http://library.vidyasagar.ac.in) and then open the Remote-Access link and provide given username and password and will be redirected to a secured page containing links and bookmarks along with search facility.
In case of any problem encountered, the users can give their feedback/suggestion from Access Problem: link of the Library Website or send a mail to esupport@mail.vidyasagar.ac.in.
Evidence of Success: The idea of accessing all e-resources through remote access facility is not a very old one. But within this limited time period, heavy responses came from the users’ side and they have happily accepted this facility. Faculties are showing interest in this facility and it is expected that if faculties use this facility more and more, they will advise and guide their scholars and students to access the e-resources using remote access facility in larger numbers. The scenario is encouraging and our university library is expecting increasing enthusiastic response from the users.
Problems Encountered and Resources required:
Problems encountered: No major problem has been faced by the library yet to implement this problem, but still sometimes a few problems are encountered which are not always within the control of the library which are mentioned below:
(i) The University, being located at a remote area and with the Internet Service Provider such as NIC, link failure problem or heavy congestion in network is sometimes experienced. During that period the users face problems in using the e- resources from the campus.
(ii) Lack of sufficient infrastructural facilities sometimes hinders the access of e- resources from remote places.
Resources Required:
(a) Basic requirements: 24/7 online UPS, 24/7 minimum 2 Mbps Bandwidth [presently our library is connected with NKN-1Gbps speed], furnished Server room with 24/7
Air-conditioning arrangement, periodic Preservation and Maintenance of servers and Network with least Downtime, Professional staff for management and Guide to the users.
(b) Hardware requirements: Managed network with firewall and L3 Network Switch, Server with sufficient storage space to archive all the e-resources.
(c) Software requirements: Web server, database server, Server configured with SSL- VPN, Virtualization server software to create VMS, authentication server, CD/DVD Mirror server for storing different archives, D-space server for document repository, in-house developed applications like media repository, different, different access catalogues, one window search library portal, etc.
BEST PRACTICE-2
Title of the Practice: User Based Authentication for Internet Access
- Objective of the Practice
- Build and Maintain a Secure Network
- Protect stakeholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
2. The Context
The Security of data and information is always a major concern for any organization. Unauthorized access and access to unauthenticated content from an educational institution are also some major issues of concern. Hence a mechanism is required which will take care of these kinds of issues by providing a checkpoint. This requires effort required to monitor and maintain acceptable use policies, as well as identify attack patterns to help you fine-tune your policies. Organizations of any size will benefit from centralized security event logging, forensic research, reporting, content archiving, data mining and malicious file quarantining.
3. The Practice
The FortiAnalyzer family minimizes this effort. Forti Analyser platform, which integrates network logging, analysis and reporting to a single system, delivering increased knowledge of security events throughout the University network, is installed in Computer Centre.
FortiAnalyzer offers enterprise class features to identify threats, while providing the flexibility to evolve along with the ever-changing network. FortiAnalyzer can generate highly customized reports for any organization’s requirements, while aggregating logs in a hierarchical, tiered logging topology. It aggregates alerts and log information from Fortinet appliances and third-party devices in a single location, providing a simplified, consolidated view of the security status. In addition, FortiAnalyzer platforms provide detailed data capture for forensic purposes to comply with policies regarding privacy and disclosure of information regarding security breaches.
4. Evidence of Success
A “FortiAnalyzer 300 D” has been installed in Computer Centre, Vidyasagar University to monitor the network and provide the ‘User Based Authentication’ services to the stake holder of the University. The stake holders or the users are divided into some groups like Administrators (Super user), Faculty, Officer, Non Teaching Staff, Research Scholar, Student etc. for their ‘User Based Authentication’ to get Internet service. The authentication is also provided based on particular department/centre/lab.
After the implementation of the aforementioned “FortiAnalyzer 300 D”, access to the internet and managing the system has become more systematic and suitable. “FortiAnalyzer
300 D” decreases the Adware, Malware and unintended Popup considerably. The Analyzer can generate the user or department/centre/lab based Internet access log any time. Hence, managing the log files and user authentication become more compact.
5. Problem Encountered and Resource Required
At the initial phase of the implementation, it is required to create the ‘User ID’ and ‘Password’ for every individual user and department/centre/lab etc. From time to time a little modification of the access policies is required; hence some human (Administrators/Super user) effort is necessary to take care of those things. The whole system is working through the network connection; therefore all the computer systems which intend to have the facility of “FortiAnalyzer 300 D” are required to be connected either by wire or wireless connection.