Welcome to the Ex Libris Cloud
Version 1.5
A newer version is available here
Introduction
Congratulations! You have joined hundreds of Ex Libris customers enjoying the benefits of using the Ex Libris Cloud. This document presents the technical details you need know in order to get started and join the Ex Libris cloud
Purpose of This Document
This document lists the benefits of using the Ex Libris Cloud services together with general instructions for new customers joining the Ex Libris Cloud.
The Cloud Deployment Model
Ex Libris operates a private cloud offering that is available for the sole use of the Ex Libris customer community. This deployment model differs from a public cloud, which is available to the general public, or a hybrid cloud, which is a combination of two or more clouds.
Private cloud implementation provides Ex Libris with the opportunity to benefit from cloud computing without compromising on the architectural control required to ensure integrity of its customers’ data, systems, and processes.
Security
Ex Libris is committed to providing its customers with a highly secure and reliable environment for hosted and cloud-based applications. Ex Libris has therefore developed a multi-tiered security model that covers all aspects of hosted and cloud-based Ex Libris systems. The security model and controls are based on international protocol and standards and industry best practices (ISO/IEC 27001).
Ex Libris has received ISO 27001:2005 certification. This standard provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System (ISMS). As part of the company’s focus on security issues, Ex Libris employs a Security Officer and a dedicated Cloud Services Team with responsibility for the following:
- Applying the security model to all system tiers
- Monitoring and analyzing the infrastructure to detect suspicious activities and potential threats
- Issuing periodic security reports to Ex Libris management and customers
- Dynamically updating the security model and addressing new security threats
- Systematically examining the organization’s information security risks, taking into account threats and vulnerabilities
- Designing and implementing a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable
- Adopting an overarching management process to ensure that the information security controls continue to meet the organization’s evolving information security needs
Ex Libris is committed to securing the information that the customer community stores in our systems. Each one of the controls that form part of our multi-tiered security model is upheld throughout the organization. The security model is constantly monitored and tested to maintain a high level of security, thus granting Ex Libris users—libraries and their patrons—peace of mind with respect to the privacy, confidentiality, integrity, and availability of their data.
For any security related questions or issues, open a support CRM case or contact the Ex Libris Chief Infomation Security Officer (CISO) at SecurityOfficer@exlibrisgroup.com.
Services You Will Receive
The application is hosted on hardware owned by Ex Libris at a central secured data center. Ex Libris periodically updates and upgrades the system. The following are some key points:
- Hardware maintenance
- 24 x 7 Hub professional operators
- System Status page
- Monitoring services
- Redundant infrastructure systems – no single point of failure (power, climate control, fire control)
- Redundant infrastructure devices – no single point of failure (routers, , firewalls, load-balancer, switches, storage)
- Robust UPS facilities
- Diesel power generators (independent power plants)
- No fewer than 3 ISPs providing OC3-level bandwidth to the facility with load balancing
- Backups are stored at the data center and are also saved in a separate offsite secured location
- Hardware and operating system upgrades and patches
- Application upgrades, patches and maintenance
- Security framework based on ISO 27001 certification
- Security control and continuous monitoring
- Application availability based on SLA
Processes and Procedures
Ex Libris follows best practices processes and procedures to safeguard your system availability, integrity, and confidentiality. Some points to take note of:
- Root Cause Analysis (RCA) – Ex Libris performs internal root cause analyses for each service interruption and takes the necessary steps to avoid them in the future. For SaaS environments, Ex Libris publishes RCAs in the Customer Center.
- Change Management – Ex Libris has detailed change management systems including approval cycles for each change in the cloud. Each change must be approved, recorded, and documented. The system avoids change conflicts and manages activities in the system.
- Availability – (Uptime Quarterly Reports) – For SaaS environments, Ex Libris has a quarterly availability report that measures and records system uptime services. This report is published and available for customers in the Customer Center
- Operating Center – Ex Libris has a dedicated 24x7 operation center, All monitoring alerts in the cloud are received and analyzed by a professional operator. For more information, see the 24X7 Hub contact details.
- On-Call rotations Engineers – Ex Libris has 24x7 on call expert infrastructure engineers such as, Security, Network, DBA, Storage, System, and dedicated On Call professional
Application Developers that are notified by the operating center in the event of a service interruption.
Ex Libris Monitoring System
Monitoring cloud operation is at the heart of guaranteeing a high level of service. Ex Libris monitoring is built on a multi-layered concept.
Monitoring multi-layered conceptual architecture systems include multi-systems that monitor the services inside and outside the Data Center to validate that services are running with the best performance indicators.
Ex Libris Backup System
Ex Libris has adopted a rigid backup procedure to safeguard the customers' data. On a regular basis, Ex Libris performs system backups using best practice industry standards and centralized backup systems, including backups of the infrastructure network, operating systems, application files, database files, and storage files. This includes several backup snapshots a day of all the data. All backup files are subject to the privacy controls in use at Ex Libris. Ex Libris has a 10 week retention policy. The restore procedures are tested on an ongoing monthly basis to ensure rapid restoration in case of data loss. In addition, a full copy of the data is maintained at a remote secured site, thus making sure that we always hold a full copy of the data for recovery purposes.
Ex Libris Data Center Network Diagram
Ex Libris System Status Page
The Ex Libris System Status page displays the latest information on the availability of all multitenant Ex Libris instances. You can check this page at any time to see current status information or subscribe to be notified via email of interruptions to any individual service. If you are experiencing a real-time operational issue that is not indicated on this page, inform Ex Libris by opening a customer support request.
The system status page holds instances for hosted customers on SaaS environments. This site displays live data along with historical data for the previous five days. Customers with singletenant hosted environments can continue to view the status of their services via email notifications or, in case of cross-affecting issues, on the located on the Customer Center Status page
Performance Indicators
The status of every instance is displayed via a Performance Indicator. More detailed information and timely updates can be found by hovering over these indicators.
Status | Description |
---|---|
Service for the instance is operating normally |
|
Service for the instance is available, but users may experience performance issues. |
|
Service Interruption |
Service for the instance is unavailable or disrupted |
Scheduled Maintenance |
Planned maintenance is taking place |
Scheduled Maintenance
Notifications of future scheduled maintenance are published in the Scheduled Maintenance column. Detailed information such as start and end times can be found by hovering over the maintenance dates.
Locating an Instance Name
To locate your hosted instance name on the Support Portal (Salesforce), simply log onto the Support Portal and select the desired account asset. If your environment is on the system status, your instance name will be displayed under the Instance Name on Status Page.
Cloud Status Notification Subscription
Email notifications regarding performance updates and upcoming maintenance of a hosted instance are sent to the instance’s subscribers.
If you want to receive email notifications from the Status page only, click the letter icon next to the desired instance and enter a valid email address. An email is sent to activate the subscription. (If you do not receive the email, check your spam box.)
Software Updates and Releases for SaaS
Ex Libris Cloud Teams manage and maintain software updates in the cloud applications.
- Alma and Leganto – Release updates are installed on a monthly basis during a maintenance window and release notes are published to customers.
- Primo – Service packs are released on a quarterly basis and installed during a maintenance window, first on a sandbox environment and then on a production environment.
- SFX – KB updates are installed on a weekly basis; revision updates are installed on a monthly basis.
Note: All SaaS environment scheduled activity is communicated via the Ex Libris Status page.
Documentation and References
- Product Features – For additional information regarding product features, refer to thedocumentation for the product in the Documentation Center for the most up to date version.
- Security and Privacy – For additional information regarding security and privacy, refer to the Cloud Security and Privacy statement. For security announcements, refer to the news in the Customer Center.
- Issues or Questions – For any issues or questions regarding cloud services, security or any other issues, use Salesforce to create cases and receive updates regarding their handling by Ex Libris staff.
Customer Responsibilities
In order to make sure you benefit from Ex Libris cloud services, there is also a need to make sure that your local environment is setup correctly to allow for a smooth start with our cloud based solutions:
- Maintain the connectivity (with acceptable bandwidth) of the workstations and end users to the internet, including network connectivity to the programs and connectivity between the programs and your local applications.
Work according to the Customer Appropriate Usage Statement (Appendix 1: Customer Appropriate Usage Statement) - Create and maintain firewall settings and open required ports that permit access to the programs.
- In some cases (such as after a MetaLib KB update), technical involvement from the customer may be required.
- In the event of a service interruption, open a system down support
CRM case, or contact the Ex Libris 24x7 Hub. For any other issues, open a support CRM case. For more information, see the Salesforce CRM Customer Portal Documentation.
Appendix 1: Customer Appropriate Usage Statement
Introduction
Ex Libris provides cloud services for customers using Ex Libris products. Ensuring the security of cloud services is a high priority for Ex Libris. In order to provide secured solutions that help ensure a high level of global security protection of the cloud infrastructure, Ex Libris requires customer cooperation.
Scope
This policy is intended for Ex Libris customers with access rights to Ex Libris Cloud infrastructures.
Inappropriate Usage
The Customer agrees to use commercially appropriate efforts to prevent unauthorized access to, and use of, programs and licensor data and will notify Ex Libris as soon as possible of any unauthorized access or use.
The Customer agrees not to permit any end user or third-party to, (i) make available in any way for the use or benefit of any unauthorized party, the programs, licensor data, related materials, or other proprietary information received from Ex Libris, in whole or in part, unless Ex Libris so consents in writing; (ii) reverse engineer, decompile, or disassemble the programs or any components thereof except as permitted by law; (iii) violate or abuse the password protections governing access to and use of programs; (iv) copy, modify, create derivative works from, download, distribute, or store all or any substantial portion of the licensor data; (v) remove, deface, obscure, or alter Ex Libris' or any third-party's copyright notices, trademarks, or other proprietary rights notices affixed to or provided as part of the programs and/or licensor data; (vi) use any robot, spider, scraper, or other automated means to access the programs or licensor data for any purpose without Ex Libris' written consent; (vii) use or display program logos differing from Ex Libris’ own without Ex Libris’ prior approval.
The Customer will not use his privileges to: (i) perform penetration, vulnerability or security scans or tests, audit Ex Libris programs and/or services, or to run any other similar security software; (ii) attempt to access any program, resource, service or system not included in the customer Scope of the Agreement. In case of shared environments, the customer will access his own data and configurations for management purposes only.
The Customer will maintain the confidentiality of any information received by Ex Libris in connection with Ex Libris programs and/or services, including, but not limited to, product configurations and network diagrams and will not disclose such information or use it for any purpose other than for the customer's own use of the service, as permitted in the Scope of the Agreement.
Appropriate Usage
The Customer may access the program and Ex Libris Cloud systems (the "System") on which Customer data is stored within the Program and/or the System for the purpose of utilizing Program functionalities and for customizing Program access rights and privileges in accordance with the Customer's needs.
Record of Changes
Type of Information | Document Data |
---|---|
Document Title: |
Welcome to the Ex Libris Cloud |
Document Owner: |
Eyal Alkalay – Ex Libris Sr. Director of Cloud Engineering |
Approved by: |
Barak Rozenblat - VP, Cloud Services |
Issued: |
Feb 6 ,2012 |
Reviewed & Revised: |
Jul 12 ,2017 |
Revision Control
Version Number | Nature of Change | Date Approved |
---|---|---|
1.0 |
Initial version |
Feb 6 ,2012 |
1.1 |
Review and Update- Tomer S |
Feb 13 ,2013 |
1.2 |
Review and Update- Tomer S |
Dec 5 ,2014 |
1.3 |
Review and Update- Tomer S |
Feb 4 ,2015 |
1.4 |
Review and Update- Tomer S |
Apr 12 ,2016 |
1.5 |
Review and Update- Tomer S |
Jul 12 ,2017 |
Document Distribution and Review
The document owner will distribute this document to all approvers when it is first created and as changes or updates are made. This document will be reviewed and updated annually or upon written request by an approver or stakeholder. Questions or feedback about this document can be directed to the owner or a listed approver