February 26, 2007
Access Emory computing
and library resources
Selden Deemer is library system administrator
for Emory University Libraries; Andy Efting is a
security analyst with Academic and Administrative Information Technology.
Emory offers a wealth of information resources to its community, including local resources and those that are licensed, such as library databases and electronic journals. Access to those resources, however, is often restricted to campus locations, and many times, Emory’s users want to retrieve information from these resources while off-campus.
Members of the Emory community can gain access to on-campus resources from off-campus locations, but it requires knowledge of two separate online services. Library databases and electronic journals require Emory’s “information gateways”; while secure access to services on Emory’s campus network from off-campus requires Emory’s Virtual Private Network.
Databases, electronic journals and similar resources are generally licensed, not owned, by Emory’s libraries. This means that the actual information is delivered from somewhere else, and publishers expect connections to originate from the Emory campus.
If users try to connect directly to a licensed resource, such as the journal Nature, from an off campus location, they will probably be asked for a login and password. If an article is found through a Web search engine, such as Google, users may be asked for their credit card to purchase a copy at significant cost, even though Emory’s libraries have a subscription.
To avoid these problems, instead of bookmarking a link to a publisher, users should always connect to databases and electronic journals through a library gateway, such as:
EUCLID library catalog:
When connecting to a library database or electronic journal from an off-campus location, users will be asked to identify themselves with an Emory Network ID and password. Once a user has been authenticated, the library proxy server will send a “cookie” that identifies that user for as long as the Web session lasts, so users will not have to identify themselves again to use another database or electronic journal.
At Emory, a Virtual Private Network is most often used to provide off-campus users with secure access to our internal network. VPN technology secures this traffic by encrypting all the traffic between an off-campus location and the Emory network. In addition to encrypting communications, the VPN will also make it appear as if users are coming from an on-campus location. Several Emory resources restrict access to only those people who are affiliated with Emory and VPN provides remote users access to these types of restricted systems.
In the past few years, Emory has supported a range of VPN solutions to meet a variety of remote access needs and requirements. Today, AAIT Security is in the process of consolidating those VPN offerings into a single solution that will meet all the needs for encrypted communication to campus resources from off-campus locations. The selected service is the new F5 Firepass SSL VPN, which uses a Web browser to establish a remote access connection. Details concerning the new VPN and how to use it may be found at http://it.emory.edu/VPN.
Most users won’t notice much difference between the old VPN services and the new F5 SSL VPN. There is, however, one important exception: the new VPN will only give the appearance of coming from an on-campus location if users are actually going to an Emory University network location.
If a user is going to Emory Healthcare or the Internet in general, their traffic will not go through the VPN at all. That means, for example, the new VPN cannot be used to go to off-campus library resources and expect to gain access as if coming from on-campus. To access those protected off-campus resources, users will need to use one of the library gateways noted earlier.