Intranet
An Intranet is a localized computer network which allows a limited number of devices to communicate relatively privately with one another using a single IP range and subnet. This network typically supports the HyperText Transfer Protocol (HTTP) allowing users to browse websites which are hosted within. Intranets are typically used as secure environments where proprietary or secret information can be shared between devices. External access it typically restricted to authorized individuals and devices.[1][2]
Intranets can consist of almost type of content which is found on the internet: complete websites and web portals, wikis, file sharing, video streaming, and much more.[2]
Benefits and risks
An intranet typically operates within a secured perimeter, to prevent external access. This means that only devices which are physically connected to the local network are able to access the resources on the intranet. Devices outside of the intranet inherently untrusted, while devices within are inherently trusted. This offers a relatively convenient way to share access within an organization or group, while preventing unwanted external access.[2][3]
However, larger organizations now often have people needing to access the intranet remotely. To accomplish this, an encrypted "tunnel," known as a virtual private network, is established between the remote client and a VPN concentrator within the intranet. The remote client's connection is then piped across the internet in an encrypted stream, and released into the intranet. The remote device then virtual becomes a part of the physical network.
Since an intranet is by definition a self-reliant network, it will typically have its own DNS server, so that users can brows websites using domain names as they would on the public internet. They will also sometimes use the HTTPS protocol to encrypt communication using TLS.[3] However, most intranets will run their own certificate authority and use self-signed certificates, which many argue is an inferior form of security.
Intranets are also usually connected through a firewall to the internet. This means that users can access both restricted resources hosted on the intranet, and public resources on the internet. This offers excellent convenience, but since the intranet is in contact with the internet, it offers an attack surface to everyone. If an attacker manages to gain access to the intranet, they are essentially become an inherently trusted member of the intranet, with full access to everything which should have been secure. To help combat this, Intranets are now often configured with some internal security controls and detection systems.
