A company LAN, or local area network, can house a private Internet-like environment called an intranet. The intranet is basically a set of HTML pages relating to internal company business, for employee's eyes only, and is not available to the Internet. If access to or from the Internet is provided, it will be through a firewall gateway that will require a username and password. In this case the intranet becomes an extranet. In short, an extranet is the extension of an intranet to include public access.
An extranet can allow public access to employees, customers, clients or partners. The extranet uses Internet protocols so users can navigate with a browser, but resides on the company's private server rather than on a public Internet server. Extranet access from the Internet can be controlled through various architectures that are password or username specific. In other words, areas of the extranet will be available according to password credentials. This limits users to extranet pages relevant to the business they might be conducting, while keeping other areas of the extranet private and secure.
An extranet requires security and privacy. These can include firewall server management, the issuance and use of digital certificates or similar means of user authentication, encryption of messages, and the use of virtual private networks (VPNs) that tunnel through the public network.