Intranets and Extranets

Everyone has heard of the internet.  In fact we all use it nearly every day, and even our cell phones can be used to access content from the internet on a daily or hourly basis.  While virtually everyone understands what the internet is, most of us get confused or wonder if someone needs to learn how to spell properly when we see the words "intranet" or "extranet".

What is an Intranet?

Wikipedia describes an intranet as "a computer network that uses the Internet Protocol technology to securely share any part of an organization’s information and network operating system within that organization."  The key words here are "securely" and "within that organization."  This means that only members of the organization have access to that particular set of electronic files.

The concept of intranets first appeared a few years after the public introduction of the internet and the World Wide Web in the early 1990s.  They are in wide use today, providing a familiar environment for employees and executives to access company information.  Security is usually managed through the network, requiring some form of local authentication.  Information is often proprietary and strictly pertinent to the company.  Perhaps the most widely known intranet software solution is Microsoft SharePoint*.

What is an Extranet?

While an extranet has many similarities to an intranet, an extranet performs a very different function.  The Wikipedia entry for an extranet describes it as "a computer network that allows controlled access from the outside for specific business or educational purposes…an extranet is similar to a DMZ in that it provides access to needed services for channel partners, without granting access to an organization’s entire network."  Here we see some key terms: "securely" and "access from the outside."  While both intranets and extranets differ from the internet in general because of the "security" component, the key differentiating factor between intranets and extranets is this:  Intranets are designed to communicate within an organization; extranets are designed to allow for communication outside the organization.

Which one do I use?

Intranets are designed to be secure from the outside world, but rarely offer any differentiating security once inside since they are designed for sharing information.  An extranet, though, is designed explicitly for sharing information with others outside the organization.  These could be clients, business partners, shareholders, key vendors, or any other entity where secure communication is required.  Because the audience may widely vary, the ability to securely manage the content on a granular and role-based level is critical.  For example, an executive may want to manage content that a business partner can view, but the business partner should not have rights to make changes to that content.

As software continues to become more sophisticated, the lines between these two begin to blur.  Software packages that began as intranet solutions now provide limited extranet functionality.  Some major Document Management Systems fall into this category, as does Microsoft SharePoint*.  However, there are some major considerations that need to be looked at before using an intranet tool to provide access to outside users:

  • First, and perhaps the most important, is that as an intranet solution, these software packages reside within your local network.  In order to share information with outside users, access to the local network must be granted.
  • Second, the management for intranet solutions assumes security is based on the network.  This means that even if external access is possible, it either means adding external users to your local network—with all the security concerns that implies—or bolting on some form of external user management tool along with the extra management and configuration that it requires.
  • Third, the management and configuration of an intranet solution often depends on server administration rights and tools.  For example, to create portals in SharePoint*, a network administrator must login to the server and create the portal, configure and customize it for the specific users, then assign it to the user to manage the content.

Extranet systems, on the other hand, are designed from the ground up for external access:

  • User management and configuration is integrated and not dependent on any external system.
  • Configuration and management is designed to be performed from within the software, eliminating the dependency on network administrators and complex network authentication requirements.
  • Finally, the extranet solution can be hosted completely outside the company network, eliminating many of the security concerns raised with a locally hosted application.

Picking a solution

Intranet and extranet solutions both provide invaluable services that can be used by virtually any organization—particularly as security and access control concerns have increased in the last few years.  However, it is also important to understand the distinctions between these two solutions, and the strengths and weaknesses each provides.  For local access with tight integration with network security, an intranet is the best option.  For securely sharing and controlling access to data with outside users (whether business partners, vendors, or clients), a dedicated extranet solution is a better choice than opening your network to outside access.

*Microsoft and SharePoint are Registered Trademarks of Microsoft Corporation