 |
 |
We use EzProxy which is very low cost, has free support, is updated regularly (all updates are free), and has been quite secure. There have been problems with firewalls, but EzProxy can be configured for a workaround that is still secure. EzProxy authenticates with our LDAP which is maintained by my university. I have set the range of IP address that should get access so anyone at my school gets in. Because my proxy server is specific to my school, people at other institutions within my university get the login screen. http://www.usefulutilities.com/ One of the things that I find absolutely amazing is the level of support for this product-- and it's all free. Chris Zagar is the developer; he follows very closely the EzProxy listserv and responds quite regularly. When we've had questions here, he's been willing to take phone calls as well as take a look at our server setup at no charge. I suspect he would be more than willing to answer questions about usernames and passwords. Another option is a VPN-- Virtual Private Network. Here's my school info about ours: http://www.sph.uth.tmc.edu/itservices/default.asp?id=107 We use both. For people with firewall problems, we route them through the VPN. The IP they get is a University-level one, so they still have to login through the proxy server but I've not had any complaints. They're just glad they can get in! Helena Helena M. VonVille Library Director University of Texas School of Public Health Houston, TX [log in to unmask] 713-500-9131 713-500-9125 (fax) -----Original Message----- From: Medical Libraries Discussion List [mailto:[log in to unmask]] On Behalf Of Mary Hanson Sent: Thursday, April 26, 2007 7:57 AM To: [log in to unmask] Subject: Re: ? Wisdom of internal authentication requirement We've addressed this by loading a username and password into the link from our intranet home page. People just click on the button, and all these miraculous activities occur to connect them. They don't know the difference, and we don't have to track hundreds of passwords. You could still give usernames and passwords to the remote users if there is no way for them to get to an internal page. We (the hospital) have EasyAccess for remote access. The attending and resident physicians are all given passwords for EasyAccess so they can obtain lab/patient information from their offices or the clinics. However, once they're behind the firewall, they can use anything on the hospital intranet--including library resources. It's working quite well for us. Mary A. Hanson, M.S.L. Saint Mary's Health Sciences Library 200 Jefferson SE Grand Rapids, MI 49503 voice: 616-752-6260 fax: 616-752-6419 >>> "Yanicke, Joan" <[log in to unmask]> 4/26/2007 7:45 AM >>> Hi All, This question is directed to the hospital community primarily. I am looking to make remote access easier for our users and like what I see with a European product called Athens. The drawback that I see is that in order to have good remote authentication, I believe all users will have to have usernames and passwords - even in house users - so the ease of IP authenticated access in-house for casual or sporadic users such as nursing staff and our bazillion students and rotating residents - will disappear. And I'm not sure that is a good trade off. So my questions are these: 1. Do any of you use a product that does not require that trade-off? If so, what is it and whom do I contact for more info? 2. Am I seeing a problem where there really isn't one? Any thoughts on this would be appreciated. And if there is sufficient information gathered, I will summarize for the list. Thanks. Joan Yanicke, MALS, AHIP St. Vincent Hospital Medical Library 123 Summer Street Worcester, MA 01608 Voice 508.363.6117 Fax 508.363.9118 [log in to unmask] <mailto:[log in to unmask]> This message (including any attachments) is confidential and intended solely for the use of the individual or entity to whom it is addressed, and is protected by law. If you are not the intended recipient, please delete the message (including any attachments) and notify the originator that you received the message in error. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Any views expressed in this message are those of the individual sender, except where the sender specifies and with authority, states them to be the views of Vanguard Health Systems. This footer also confirms that this email message has been scanned for the presence of computer viruses