Library Technology Guides

---

Volume 17 Number 07 (July 1997)

Firewalls now generally available from automated library system vendors

As recently as eight months ago only two vendors of automated library systems offered an optional "firewall" as part of their product. A "firewall" is a technology which protects against unauthorized access to a computer system or to specific applications on a computer system.

There are several different types of firewalls. The simplest type are known as "packet filters." They accept or block access based on the source or destination; e.g., is the source of the request (the Ii' address) safe and is the destination authorized? More complex firewalls limit access to specific applications. Some use a "proxy" to which all requests are addressed, and that proxy actually accesses the application. The most complex f irewalls use "stateful inspection," an extensive table of rules in which the firewall administrator defines parameters for each application. The most widely used product of this type is Firewall 1, a product of Check Point Software Technologies.

All firewalls produce audit logs which record attempts to access applications at odd hours or which attempt to run system programs. While analyzing the logs is useful, even more valuable is a feature which dials a system manager's pager when an unauthorized access attempt is being made.

Firewalls generally cost at least $5,000 for up to 50 users, and as much as $25,000 for an unlimited number of users. They can be difficult to install, therefore, the increasing willingness of automated library system vendors to supply them is welcome news.

Many firewall products require that they be mounted on a separate hardware platform from the applications to be protected. SUN Solaris is particularly popular. Several companies offer both Unix and NT versions, thus, offering greater hardware flexibility.

Placement of the firewall is critical. It doesn't help a library much to have the firewall between a campus network and the Internet when there are thousands of potential users "inside" the firewall. The best placement is between a library's LAN and the host or server, thus controlling access by persons in the library as well as outside it. This is known as an "internal firewall." It is quite possible that such a firewall will be in addition to a firewall installed by a library's parent organization on its network.

Installing a firewall can give a library a false sense of security. Most of the damage to files is not caused by "hackers" coming in via the Internet, but by staff who make mistakes because they are improperly trained or staff who are disgruntled and want to do damage. For that reason, a library should maintain a good training program, control access to applications by passwords, and change passwords regularly. Regular backup of all files should also be undertaken.

Computer security experts recommend that an organization conduct a security audit at least once every two years. The audit should examine not only the firewall, but also security software for PCs, physical security for the computer room, password policies, back-up procedures, staff training, and every other aspect of computer use.

"Safe" system hardware

We were recently asked "what is the safest system hardware to buy?" The inquiry came from a library which did not define "safe," but made it clear that it wanted to avoid being stuck with hardware which might be abandoned by the original vendor and not supported by anyone locally. We have expanded on this criteria by defining system hardware as "safe" when:

1. It is manufactured by a financially stable company
2. The manufacturer has maintenance support within 100 miles of more than 95 percent of the U.S. population
3. There is an active "after-market," third-party organizations which sell parts and service for the hardware
4. The installed library system base is large enough that some other automated library system vendors will support the hardware for a customer which is migrating to its system even though it does not sell that hardware.

Using these criteria, the "safest" purchases are the Digital Alpha, Hewlett-Packard 9000, and IBM RS/6000. All three come from major manufacturers which have blanketed the U.S. and much of Canada and Europe-with maintenance support centers. In terms of overall market share: HP and Digital each have 23 percent of the mid-range systems market; IBM has 30 percent, but only a little more than half of that is the IBM RS/6000. There are hundreds of companies which manufacture replacement parts and thousands which offer maintenance for these machines. There are at least 1,000 of each of these product lines installed in libraries.

The SunSPARC/Ultra, which is now being offered by some vendors of automated library systems is also a good choice, although the company is considerably smaller than the "big three," therefore, maintenance support is not as widely available and the "after-market" is quitE small. Nevertheless, any company which has 17 percent of the mid-range market has to be considered a major player. Consider that all of the other companies in the industry combined have only seven percent of the market.

Tandem, which has been a minor player in the market for the last few years, is expected to benefit from a major infusion of capital as the result of its acquisition by Compaq. The combined companies will be larger than either Digital or Sun.

The statistics in this report were provided courtesy of VarBusiness Research.

Ameritech to release new Dynix WebPAC in Fall

Ameritech will release an improved version of Dynix WebPAC this fall. The product is currently in testing. In addition to providing a Web-based user interface, it will offer self-service features such as patron-placed/canceled holds, ILL requests, patron-initiated renewals, and self-registration. It is designed to work not only with fully-configured PCs, but also with network computers. A network computer is a diskless workstation limited to running Java Applets from a central server. The intent is to reduce the cost of workstations-although the price differential between network computers and budget PCs currently is small-and to reduce the amount of time required for servicing workstations as applications will be managed on a central server.

In a related development, Sun Microsystems has announced that it will offer a $99 plug-in card based on a micro-Java processor, code-named Java-Blaster, that will provide fast hardware-based Java code interpretation to PCs. This will make it possible to convert PCs, especially aging PCs, into network clients. The cards are expected to become available in the third quarter of 1997.

Ameritech hopes to use Citrix Winframe technology, but it appears that a version of the product which supports Windows95 is at least as far away as late 1997. This despite an announcement by Microsoft and Citrix that they were working together to integrate Citrix technology into Microsoft products.

Ameritech has also announced that the long awaited support of diacritics and multilingual capability is scheduled for the fourth quarter of 1997. Other enhancements under development are EDI x.12 online ordering and claiming, and the ability to place holds in Kid's Catalog.

[Contact: Ameritech Library Services, 400 Dynix Drive, Provo, UT 84604; 800-288-8020; FAX 801-223-5202; home page http://www.amlibs.com].

CARL up for sale

CARL Corporation, which was purchased in October 1995 by Knight Ridder Information (KRI) is now for sale along with a whole division of which Dialog is the largest single component. The parent company has decided to refocus on the newspaper business, and to help raise approximately $1.6 billion for the purchase of several newspapers is selling this division valued at about $500 million. Dialog is known to be coveted by as many as nine major companies. The sale is expected to be consumated within the next few months. Whether or not CARL will continue to be a part of the whole package or will subsequently be sold to a third party will have to be played out.

Knight Ridder had originally been attracted by CARL's Uncover document delivery product which complements Dialog.

As recently as a few months ago, Knight Ridder denied any intention of selling CARL.

CARL's product development schedule is not expected to be affected by the sale. The migration to the NT operating system should be complete by the end of 1998. The change in operating system will make the CARL product more scalable, and will also allow it to operate on a wider range of hardware platforms. Tandem, the only hardware line on which CARL has run, is being acquired by Compaq-a company with a wide range of servers suitable for smaller libraries. Unlike some vendors in the industry, CARL, will not charge existing customers for the change in operating system.

[Contact: CARL Corporation, 3801 East Florida, #300, Denver, CO 80210; 303-758-3030; FAX 303-758-0606]

DRA names new product

DRA's new client/server product which has been slow in coming has come one step closer by receiving a name--TAOS. While the product will not be completed until next year, several components have become available, including Web2, circulation, and cataloging. Web2, an OPAC which not only supports access with a Web browser, but also Z39.50, will not only be part of TAOS, but will integrate with libraries' existing DRA Classic, INLEX/3000, and MultiLIS systems. Web2 supports simultaneous searching of multiple databases and the subsequent merging of the results. Searches can be limited by location or date.

The new circulation module features mouseless operation, a simple interface with large fonts for easy readability, the ability to move among functions without switching menus, and virtually unlimited note fields. Cataloging features extensive multilingual capability because UNICODE is supported. This means CJK, Cyrillic, Hebrew and other character sets will be available. The cataloging module incorporates standard Windows functions.

Work on the server is progressing. It has been decided that the design will include an object oriented database management system. The product selected is ObjectStore by Object Design, a leading object database developer. Libraries will have a choice of Windows NT, Open VMS, or UNIX operating system, and three-tiered technology which logically separates tasks into three main functional levels. The last facilitates customizable GUI for staff, and even patrons.

When completed within the next year, the new product will include acquisitions, serials control, cataloging, circulation, reserve book room, online patron access catalog, community information, interlibrary loan, imaging, journal citation files, media booking, and newspaper indexing modules.

[Contact: DRA, 1276 N. Warson Road, St. Louis, MO 63132; 800-325-0888; FAX 314-993-8927]

EOS International announces GLAS version 2.0

Version 2.0 of GLAS, a comprehensive, fully-integrated Windows-based system for small to medium-size libraries is now available for standalone PCs or networks. (Version 1.0 is installed in over 500 libraries.) The enhancements include full-MARC support, catalog card printing, full serials, binding preparation functionality, title index browsing for holds, ability to edit ID numbers when importing from circulation, and a "zoom" feature on all browse Windows screens.

Available modules include acquisitions, serials control, cataloging, circulation, GoPAC (GUI online patron access catalog), Databridge record import/export, Easy-Search, and ImageLink. The product is available in "American" English, "English" English, and French.

A demonstration disk is available on request.

[Contact: EOS International, 5838 Edison Place, Carlsbad, CA 92008; 800-876-5484; FAX 760-431-8448; URL: http://www.eosintl.com]

Endeavor customer list now totals 80

Endeavor now has 80 systems installed and is in negotiation with at least ten additional libraries-one of them a major Canadian university. Among the recent installations are Auburn University, Eastern Michigan University, Harvard University School of Business Administration, Villanova University, the 14 campuses of the State System of Higher Education of Pennsylvania, and the seven members of the Washington Research Library Consortium.

The company targets academic libraries, but also is interested in research institutes. Among the recent signings in this category are the Mystic Seaport Museum and the Webb Institute of New York.

[Contact: Endeavor Information Systems, 2200 E. Devon Avenue, #382, Des Plaines, IL 60018; 800-762-6300; FAX 847-296-5636]

Gaylord's Polaris to complement Galaxy

Gaylord will offer its new POLARIS client/server automated library system product to academic, public, and school libraries which require systems supporting more than 100 concurrent users. Galaxy will continue to be offered to smaller public libraries-the market segment of which it has sold best over the past few years. POLARIS will be offered only under the Windows NT operating system, rather than both UNIX and NT as previously planned. The decision to focus on NT reflects confidence that NT will be widely accepted. The patron access catalog will be Web-based; the staff client, which will incorporate all modules, is available for both Windows95 and Windows NT.

Pricing is still not determined, but the product will be sold as a complete package, rather than as modules. The pricing will be scaled to reflect the number of workstations in a library and the number of ports available to external users.

While one system has been installed, it is not yet operational but will be later this summer. The full range of functionality will not be delivered until 1998.

[Contact: Gaylord, P.O. Box 4901, Syracuse, NY 13221; 800-272-3414; FAX 315-457-5883]

Ex Libris purchases Dabis

Ex Libris Lts., the Israeli company which sells the Aleph 500 automated library systems and supports several earlier generations of that system, has purchased DABIS of Germany and DABIS of Austria, a former leading vendor of automated library systems in the German speaking countries. DABIS had gone into receivership, primarily because of failure to sell new systems. ExL GmbH, a new Ex Libris subsidiary, will service the 300 DABIS accounts and will seek to migrate them to its product. It has hired 26 former DABIS staffers and will maintain offices in Hamburg, Berlin, and Cologne.

Ex Libris, while not yet a major player in North America, is rapidly becoming a major international vendor of automated library systems.

[Contact: Ex Libris USA at 315-449-2132; FAX 315-449-1860]

Innovative Strengthens its Colorado position

Innovative Interfaces, Inc. (III) has signed four more Colorado libraries: University of Denver, University of Denver Law Library, Auraria Library, and the University of Northern Colorado. Each will operate its own INNOPAC system. The University of Colorado, University of Colorado Health Sciences Center, and Colorado State University had previously signed with Innovative.

Innovative will work with the libraries to facilitate resource sharing among them.

[Contact: Innovative Interfaces, Inc., 5850 Shellmound, Emeryville, CA 94608; 800-878-6600; E-mail info@III.com]

EDIFACT agreement signed between BNA and Innovative

Blackwell North America (BNA), a major supplier of books to academic libraries, has signed an agreement with Innovative Interfaces, Inc., to implement EDIFACT transmissions between Innovative's automated library systems and BNA's computers. Current plans are for initial availability to be achieved in the first quarter of 1998, with full implementation to follow later in the year.

Other vendors which have recently adopted EDIFACT as the standard for their systems' online ordering and claiming capabilities are Ameritech Library Services for Horizon and Endeavor Information Systems.

EDIFACT is the international online ordering and claiming standard which succeeds both BISAC and EDI x.12. Unfortunately, many automated library systems vendors have been slow to migrate from BISAC and EDI X.l2, thus creating a confusing mix of three standards-a situation to which libraries respond by specifying none of them when writing RFPs for automated library systems. Our recommendation is that libraries specify online ordering and claiming per EDIFACT, and require no-cost migration from one of the older standards to EDIFACT if the vendor's product does not yet conform to the current standard.

[Contact: Blackwell North America, 6024 SW Jean Road, Bldg. G, Lake Oswego, OR 97035; 800-547-6426; FAX 503-639-2481]

On Point announces relational TLC

On Point, the developer of the TLC library applications software for PCs (Windows 3.1, Windows95, and NT) and Macs, has announced Version 2, a version which will use a relational database management system. The new version will allow databases to be much larger and will provide much faster searching. A number of other enhancements have also been included.

[Contact: On Point, 2606 36th Street, NW, Washington, DC 20007; 202-338-8914; FAX 202-337-7107]

VTLS continues to expand

While detailed figures were not available, VTLS has reported that its board has approved a second 20 percent increase in staff size in the past twelve months. The action comes after a strong third quarter of the fiscal year (January-March, 1997) in which deliverables were up 48 percent over the same quarter a year ago. A number of the new sales were outside North America, including four sales in Malaysia, expanding the customer base in that country to 14.

Most of the new positions will be committed to product development and customer services. The company's new building, which will accommodate 200 staff, began construction on May 5, 1997.

[Contact: VTLS, 1800 Kraft Drive, Blacksburg, VA 24060; 540-557-1200; FAX 540-557-1210]

LSSI to operate Riverside County Libraries

There has been a great deal of speculation about the future of the 25 libraries of Riverside County, California, since the County Board of Supervisors voted to award full responsibility for their operation to Library Systems and Services, Inc. LSSI has undertaken similar library management contracts for federal libraries, but nothing on this scale. The County, which has a population of more than 1.4 million, had previously cut the operating budget of the libraries by 30 percent. LSSI will seek to improve collections and services within the curtailed budget. The focus will be on improved management and technological innovation. The libraries already participate in OCLC and have an automated library system (DRA), therefore, LSSI is going to have to be very innovative indeed. We will report on developments from time to time.

Discounted telecommunications services

In May, the FCC established deep discounts on a wide range of telecommunications services for the nation's libraries and schools. Even though applications for the Universal Service Fund Program are not yet available, libraries can, and should, be preparing now. At stake is the opportunity to obtain discounts of 20 to 90 percent on commercially available telecommunications services effective January 1, 1998. The discounts also will apply to network cabling, hardware (routers, hubs, network file servers), network software, installation, and maintenance costs. Training costs are also discountable but the training must relate to telecommunications use, not information content.

At a minimum, a library should begin now to do the following things: 1) determine probable eligibility, 2) locate their appropriate state agency, and 3) prepare a telecommunications plan.

Eligibility Determination--In order to be eligible for a Universal Services Fund grant a library must meet the definition for eligibility of the Library Services and Technology Act (LSTA). It may be a public, research, or private library. However, among other things, LSTA requires that the library is non-profit and not part of an institution of higher education. School libraries are eligible, but the school must meet the eligibility requirement of the Elementary and Secondary Education Act of 1965. Schools with endowments of more than $50 million are not eligible.

Consortia of libraries also may apply, but discounts may only be allocated to those members whose eligibility under the program has been determined individually. (The main advantage of acting as a consortium would be to increase bargaining power with suppliers and thus secure lower prices overall.)

The amount of the discount is determined by the economic disadvantage of an area. The percentage of students in a school district who are eligible for the national school lunch program is the major factor in calculating the discount level. A library must ascertain this percentage in the area it serves. Public libraries must make this determination for each school district in which their branches are located.

Libraries should also document the cost of local data communications services. Libraries in rural areas will normally find telecommunications costs to be much higher than libraries in urban areas. In fact, the Federal Communications Commission has already determined that rural areas are high cost by definition, therefore, it has set rural discount rates at five to ten percent above urban discount rates. However, eligibility for the national school lunch program is the major factor in determining the discount level.

State Agency Contact-Each state is required to adopt a plan for universal service before any library or school can receive a discount under the Universal Service Fund. Every library which believes it may be eligible under the program should contact its state library agency to determine whether a plan has been completed, or when it is expected to be completed, and which state agency is developing the plan. In most states it is the public utility commission which is drafting the plan. If the state library agency does not appear to be fully informed, a state's PUC should be contacted directly.

Once the state plan is in place, the telecommunications plans of libraries are to be certified. Guidelines for the certification process should be determined so that they may be reflected in the actual drafting of a library's plan.

Drafting the Plan-The plan should describe the library and the area it serves, with specific reference to the percentage of students eligible for the national school lunch program and documentation about the area's urban-rural classification. A library should itemize all of the telecommunications hardware and software in place, and that which is needed. It should quote rates for the telecommunications services currently being purchased, and what is needed.

The plan should detail how the telecommunications technology is to be used, such as the connection of branches to an automated library system, linking libraries in a consortia, providing staff and patron access to the Internet, etc.

The library should update the information annually as it will need to apply again each year.

Good general sources for information about the program are the home page of ALA's Office for Information Technology Policy at http://www.als.org/oitp~ univserv.html/, the home page of the Federal Communications Commission at http://www.fcc.gov/learnet/, and the home page of the U.S. Department of Education at http://www.ed.gov/Technology/.

AT&T WorldNet becomes world's largest ISP

WorldNet, AT&T's Internet service, now has 800,000 customers. It is at least 35 percent larger than any other internet service provider (ISP) . America Online, CompuServe, MSN, and Prodigy actually serve more users, but each offers a broader range of products and services arid are more than just an ISP. Many of the databases to which subscribers to these services have access are not on the Internet, but on these services' own networks. That is why e-mail communication with their users is so difficult if one is not on that same network.

AT&T has made a business decision not to compete directly with America Online or others but instead plans to compete with local and regional ISPs on reliability and price. It already is known for its reliability, but its $19.95 per month pricing is being undercut by a number of local and regional ISPs. Nevertheless, any library seeking an ISP might do well to contact AT&T for comparison against other options. Descriptions, e-mail addresses, and phone numbers for AT&T and its competitors can be found at http://www.cnet.com/Content/Reviews/Compare/ISP/highest.html.

---

Maintained by Marshall Breeding

Copyright 1994-2024