Home > Articles

📄 Contents

  1. Using a World-Wide Network (the Internet)
  2. Smaller than the Internet, Bigger than a LAN (Intranets and Extranets)
  3. Where To From Here?
  4. The Least You Need to Know

Smaller than the Internet, Bigger than a LAN (Intranets and Extranets)

Intranets and extranets were created as a natural evolution from the public Internet. They reflect the desires of organizations to leverage the value of the widely accessible Internet with the need to communicate with employees and various associates in a secure way.

It helps to describe the features that are common to the Internet, intranets, and extranets. The most basic similarities between these networks are

  • They are all built using TCP/IP protocols. These protocols define rules for such things as how messages are routed on the network and what types of services are supported.

  • They use the same methods of identifying computers and users on the network. Names are organized in a hierarchy referred to as the domain name system (DNS) and numerical representations of those names are referred to as IP addresses. (DNS and IP addresses are discussed later in this chapter.)

  • Because they use the same protocols and naming methods, the different types of networks can use the same network-ready applications (such as Web browsers and email), security methods, and system administration tools.

Differences Between the Internet, Intranets, and Extranets

If the Internet, intranets, and extranets sound similar, you might wonder what it is that makes them different. The truth is that from a technology standpoint, these types of networks are pretty much the same. The primary differences come from the way that the networks are used. Following is an explanation of how the Internet, intranets, and extranets differ:

  • The Internet The Internet is a "wide-open" network, made up of many public and private networks joined together. The vast majority of resources on the Internet are intended for public access. Users can view Web pages, send email, and access FTP sites associated with thousands of organizations all over the world.

  • Intranets An intranet is a private network that is controlled by a business or organization. It is intended for company business and is generally inaccessible to the outside world. Usually, people within the company communicate with each other using many of the same tools used on the Internet: Web browsers, network administration tools, and various collaborative programs.

  • Extranets An extranet is actually an intranet (privately maintained) that extends its network to remote users, suppliers, or other businesses or organizations with which it wants to collaborate. To extend outside of the company intranet, extranets often enable people from these outside organizations to connect to the intranet using secure connections over the public Internet. Extranet secure connections are accomplished with what are called Virtual Private Networks (VPNs).

NOTE

Virtual private networks (VPN), for securely connecting to private networks over public networks, are described in Chapter 11, "Linking Your Home and Office Networks."

The Domain Name System

The domain name system (DNS) ensures that the computers on the Internet have unique names and IP (Internet Protocol) addresses. Domain names are organized in a hierarchy that is probably familiar to you by now; these days, it seems that every business has a .com (dot-com) Internet address that conforms to the DNS.

Well, that .com is just one of many top-level domain names. Each top-level domain name represents a category of domains under which many individual domain names exist. For example, following are some top-level domain names you might be familiar with:

  • .com Includes commercial domains, such as large corporations, wholesalers, and small businesses.

  • .gov Includes many U.S. government domains.

  • .org Includes various kinds of organizations.

  • .edu Includes educational institutions, particularly colleges and universities.

  • .net Includes organizations associated with computer networks, such as Internet service providers.

Because the first top-level domains were created for companies, government agencies, and universities in the United States, as organizations from other countries joined the Internet, top-level domains were added for each country. Following are some examples of top-level country domains:

  • jp for Japan

  • uk for United Kingdom

  • ca for Canada

  • de for Germany

Network Solutions, Inc. (http://www.networksolutions.com/) is where you can register for a domain name. That company allows registration of .com, .net, and .org domains (and it shares that responsibility with several other companies such as Register.com). Instead of contacting Network Solutions, you can often have the Internet service provider (ISP) you choose obtain a domain name for you. (Look in your local phone book to find ISPs that serve your area.) Before you can register the domain, you will need contact information from your ISP anyway.

Here are a few statistics about domain names (courtesy of Network Solutions):

  • Of the .com, .net, and .org domains, 77% are .com, 15% are .net, and 8% are .org.

  • Although there has been a lot of talk about people "squatting" on domain names (that is, registering them with the assumption that someone else will pay them for it), 80% of the people purchasing domain names purchase only one, while another 10% purchase only two.

  • In the United States, California recorded the most domain name registrations as of April, 2000, followed by New York, Florida, Texas, and Illinois.

  • For U.S. cities, New York has recorded the most domain name registrations, followed by Los Angeles, San Francisco, Chicago, and Miami as of April, 2000.

  • Of the businesses registering for domain names in the first quarter of 2000, attorneys led the list, followed by computer software companies, Internet service companies, real estate companies, and advertising agencies and counselors.

  • Of the countries outside the United States registering the most domain names, Canada leads the way, followed by the United Kingdom, Korea, France, Italy, and Japan.

Check This Out

To find out if a domain name is available, go to http://www.networksolutions.com/ and type the name you are interested in into the Search for domain name box, choose a domain (.com, .net, or .org), and click Go. Few common words or phrases are available any more in the .com domain.

Assigning Domain Names

After an organization is assigned a domain name under a top-level domain, it is within the organization's control to organize and name all its computers under that domain name. For example, for a commercial domain named handsonhistory, the domain name is

handsonhistory.com

Any computers within that domain can either be added directly to the domain name or to additional subdomains. For example, computers named decoys and baskets might be called decoys.handsonhistory.com and baskets.handsonhistory.com. Or, you might add a subdomain of crafts and have the computers named decoys.crafts.handsonhistory.com and baskets.crafts.handsonhistory.com.

Assigning IP Addresses

The IP address is used to actually communicate with a computer on the Internet. Domain names are translated into IP addresses before requests to communicate with a computer are made (either a DNS server or a list of names/addresses on your computer usually does the actual translation).

The IP address is made up of four numbers (from 0 to 255), separated by dots. Each number is referred to as an octet because it consists of 8 bits. A bit is the smallest unit of information to a computer, with each bit representing either a 0 or a 1. So, if you understand binary numbers, you will know that all 8 bits set as 0 represent the number zero and all 8 bits set to 1 represents the number 255. Other combinations of 0s and 1s create other numbers between 0 and 255.

The following is an example of an IP address:

123.45.67.89

Because any given organization usually has many computers, every organization is usually given a set of IP addresses to assign to its computers. Originally this set of numbers was associated with a Class of addresses (Class A, B, or C) each containing a different number of host (i.e. computer) addresses; address classes are discussed in the next section. Because IP addresses were running out, and the class system rarely resulted in the right number of addresses being assigned, a new method referred to as Classless Inter-Domain Routing (CIDR) is now being used. CIDR is discussed later in this chapter.

IP Address Classes

The four parts of each IP address actually represent two logical parts. The first logical part of each IP address represents a subnetwork, and the other part represents a particular computer on that subnetwork. The trick is that, depending on the network class, the parts of each address that represent the network and computer change.

A Class C network address contains up to 256 host addresses (the last of the four octets). A Class B network contains 65,536 host addresses (the last two of the four octets). A Class A network contains more than 16 million host addresses (the last three of the four octets). Remember, each octet represents numbers from 0 to 255, so you multiply 256 x 256 to get the number of Class B hosts and 256 x 256 x 256 to get the number of Class A hosts.

Needless to say, this was a fairly inefficient way of assigning addresses. In fact, whole Class A and Class B addresses are no longer assigned. Now you need to make a case for the number of IP addresses your organization gets.

IP addresses are running out, requiring that some tricks be used (such as assigning IP addresses dynamically as needed) until the next generation of the Internet is put in place. The next generation of the Internet (IPv6) has a virtually limitless number of IP addresses and uses six octets instead of the current four octets. (IPv6 is described in Chapter 16, "To the Internet and Beyond.")

Classless Inter-Domain Routing (CIDR)

Besides being wasteful for allocating addresses (a single class A, B, or C network number rarely fit an organization), IP classes were also inefficient when it came to handling Internet routing tables. Routing tables are lists of information that are stored on each router on the Internet so that it knows which networks to route packets to. The information that routers needed to do their job was getting to be too much. To improve this situation, Classless Inter-Domain Routing (CIDR) was adopted.

CIDR is similar to, but more flexible than assigning IP addresses. Using a different form of notation, IP address networks containing from 32 to about 524,000 host addresses can be assigned. A CIDR IP address uses a slash (/) followed by a number from 13 to 27 to indicate how many bits in the IP address reflect the network. Here is an example of a CIDR IP address:

123.45.67.89/16

Here, the first 16 bits (that is, first two dot-separated numbers, 123.45) represent the network number and the next 16 bits (that is, the last two dot-separated numbers, 67.89)reflect the host number. Wondering how many host computer could be in a network, based on the number following the slash? Here are the number of hosts you could have in each CIDR network:

/27

32 hosts

/26

64 hosts

/25

128 hosts

/24

256 hosts

/23

512 hosts

/22

1,024 hosts

/21

2,048 hosts

/20

4,096 hosts

/19

8,192 hosts

/18

16,382 hosts

/17

32,768 hosts

/16

65,536 hosts

/15

131,072 hosts

/14

262,144 hosts

/13

524,288 hosts


By assigning only the number of IP addresses to an ISP that the ISP needs, and having that ISP use the addresses in a single geographic area, routing becomes more efficient. Think of how zip codes work with the postal service. A zip code directs a letter to a particular post office that handles a particular geographic area. Imagine if letters sent to one zip code actually were destined for places all over the country. Each post office would require multiple routes within each zip code that routed letters again to distance places. That's how IP addressing often worked before CIDR. With CIDR, after a router knows how to locate the ISP's network, the ISP can manage the routing to all the computers on its nearby network.

Domain Names and IP Addresses in Intranets and Extranets

That was a quick description of how Internet names and addresses work, but you might wonder how that relates to intranets and extranets. In terms of host names, most intranets and extranets organize their computers under the company's domain name. However, if a computer from the Internet tries to contact a computer on the company intranet, in most cases the company's firewall will refuse that request (depending on how security is set up). A firewall is a specially configured computer that is there to monitor what information can travel in and out of the company's Intranet. (Firewalls are described in Chapter 14, "Securing Your Fortress.")

As for IP addresses, a special set of IP addresses is reserved to be used by any intranet. Because most or all the computers on the private part of a company's network might not be reachable from the Internet due to security constraints, this same set of IP addresses can be used by all intranets. Internet routers know that these addresses are never accessible from the Internet.

Check This Out

As with domain names, you can also obtain IP addresses through your ISP. If you would like to obtain your own IP addresses, however, you can do so by contacting the American Registry for Internet Numbers (http://www.arin.net/).

Intranets

Opening up a company's network to the Internet can be dangerous (in terms of security) and can also hurt performance (if the whole world can access your network, it can slow network traffic within your company.) At the same time, however, Web browsers and Internet protocols can be great tools to include on a company's network. You can publish company manuals in HTML or use Web-based teleconferencing tools, for example.

Someone creating a network for a private company needs to consider the following:

  • Security measures (discussed later in this chapter) are needed to protect company information, such as financial data and strategic planning information.

  • For employees to get their jobs done, companies need to have the capability to manage and protect the performance and reliability of their networks.

An intranet is one way of allowing network connectivity within a company, at the same time protecting those resources from the outside world. In general, an intranet is a private network that uses the same software and hardware components as those involved in running the Internet. Although a small company, housed in the same location, can get by with one or two LANs connected together, a larger company might need to interconnect many separate networks from diverse locations. A well-planned intranet might be the answer.

With an intranet, a company can build its network using well-known, well-tested Internet protocols and tools. Employees don't need special knowledge to set up or use the network. Information can be shared using common applications, with a Web browser typically acting as the centerpiece of the user interface.

Security for Intranets

With an intranet, a company can manage network resources and determine the level of security with which it is comfortable. In many cases, this means secure local area networks (LANs) and wide area networks (WANs) connected to the outside world in a limited fashion through mechanisms known as firewalls.

Watch Out!

Even if you have only a small LAN, it doesn't mean you are safe from hacker attacks and security breaches. If the information on your network is important to you, many of the same security techniques used in intranets might be useful for your LAN. See Chapter 14 for information on security techniques.

For example, you might want to allow the engineering and human resources departments to have access to some company databases, but not allow the departments to access each other's LAN.

If more stringent security measures are required within the intranet, a variety of encryption techniques are available to keep particularly sensitive information from any but the intended parties (examples are encryption techniques used to secure email messages). Basic levels of security can be enforced using standard password protection— requiring that a user log in to establish identity before gaining access to services that are restricted.

Intranet Uses

Using an intranet, relevant and timely company data can be distributed to employees quickly and efficiently. The network can also serve as a means for collaboration on projects through file sharing, for example. The following are some ways of effectively using an intranet within a company:

  • Employee services Intranets can be used for online company phone directories, bulletin boards, company policy documents, and information on corporate locations and internal services.

  • Conferencing Intranets can offer software that supports video conferencing, audio conferencing, online chats, whiteboards (a window that appears on everyone's screen in the conference that everyone can draw on), and application sharing. These features can be used together so employees at different locations can hear and see the same information.

  • Project management tools Scheduling tools, workflow software, project timelines and a variety of other tools that chart the productivity of a project can be shared on an intranet.

  • Libraries Online libraries can be maintained so that documents that are relevant to engineers, marketers, sales, and management are easily accessible within the intranet.

  • Databases Databases of sales data, financial information, inventory, and various kinds of analysis can be selectively made available to employees on the intranet.

  • Web pages Instead of just sending memos, employees can publish appropriate information on Web pages in HTML format. This might include technical discussions of a project, company activities, or just something personal that an employee may want to share with others.

Anything that can be done on the Internet can also be done on a company intranet. One big difference in how you set up services, however, is that Internet servers will be outside your firewall, although intranet servers will be behind it. You want critical company data to be behind the firewall and public data to be outside of it. It is up to each company to implement the policies to decide how the intranet is to be used and to allocate the computing and network resources to support those policies.

Extranets

An extranet extends the concept of intranets outside of a single company to other companies, agencies, or individuals that need to collaborate with the company on an ongoing basis.

One factor that typically characterizes an extranet is the way in which it extends the company intranet. Those who are connecting from outside the intranet are usually doing so over a public network (in particular, the Internet). Although this can result in some performance hits, it can be a cost-effective solution because inexpensive Internet connections are widely available.

The extranet requires some special security considerations. To ensure that corporate computing assets are safe, off-site users typically use such techniques as encryption or tunneling (discussed at the end of this chapter) to keep their communications secure. In general, extranets are less expensive than creating and maintaining leased lines. A company has to pay extra for lines that are leased from local phone companies to carry its data, while it only has to pay for a connection to the Internet to use the Internet to carry its data. However, a major drawback of extranets is that the performance of the network is out of the hands of the local company. For that reason, applications that require real-time response, such as banking and airline reservation applications, might not get the performance they need by communicating over the Internet.

Extranet Uses

For many applications, an Internet connection from a high-speed modem is quite acceptable for extranets. These are applications that, in case the network is temporarily congested, can wait a few extra seconds for a response. The following are some items a company might want to offer its partners on an extranet but not make available to the general public:

  • Wholesale pricing lists

  • Project plans and milestones

  • Inventory availability information

  • Special partner/dealer programs, including discounts, sales incentives, and promotions

  • Company internal contact information

  • Product specifications

  • Marketing reports and studies

  • Product support literature, including technical support databases

Building Security into an Extranet

Because important company assets are being exposed outside the boundaries of the corporate intranet, special attention needs to be paid to security issues. That attention will be focused on the following factors:

  • Remote users are who they say they are.

  • Connections between the remote users and the intranet are secure.

  • The scope of the information and resources available to the remote user are limited.

To verify the identity of a remote user, the first line of defense is still a username and password. When a system administrator sets up a company's computer network, users are typically given individual user accounts with passwords. When a more rigorous identification is necessary, digital certificates can be required. A digital certificate more stringently establishes the identity of the user. A digital certificate can also satisfy the second item listed previously by enabling the two parties in the communication to establish an encrypted communication session.

Establishing certificates was once an expensive and complicated job. Now there are ways for a company to be its own certificate authority (CA) and issue digital certificates. Companies such as VeriSign (http://www.verisign.com/) can help you manage your own digital certificates.

When it comes to the third item listed previously, a company can use the same measures to secure its resources against unauthorized access from its extranet partners as it does against unauthorized access from employees within the company. Access to secure LANs can be blocked using firewalls and password protection can be used to protect sensitive data.

As with access to resources by employees within an intranet, a company needs to set up security standards and performance requirements for its extranet. By doing this properly, a company can provide the information its partners need in a timely manner and still protect other computing resources.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020