Any network or application that is accessible from outside the physical and logical boundaries of an organization can be called an extranet. This means that any network on which remote access services are provided could, technically, be considered an extranet. Commonly, though, the term extranet is used to describe a system or application, hosted within an organization, which is securely made available to selected individuals or entire organizations outside of the hosting organization.

The key consideration to this model is that the company providing the system controls access to the extranet. In other words, only selected clients and associates are provided with access, and they might even be required to access the extranet over secure virtual private networking (VPN) links. Contrast this with the model used by, for example, online bookstores, where anyone can access the site, even though a username and password is subsequently required to place or track orders. Although the bookstore could decide to prevent a certain user from accessing the site, they are unlikely to do so. Figure 5 shows an example of an extranet.

Figure 5 An example of an extranet.

Extranets are commonly identified by the following characteristics:

  • Users are outside of the hosting organization Access to the extranet system is made available to individuals and organizations that are not directly affiliated with the host organization.

  • Only the owner of the system grants access Access to the extranet is normally granted and controlled by the operating organization.

  • Secure Extranets are typically secure, and connection to the extranet might require the use of secure communication channels such as a VPN.

Typically, though not exclusively, extranet applications, like intranet applications, are hosted on a Web server and accessed through a Web browser.