INTRANET

UNIT - II
 What is Intranet
► An intranet is a private network that is
contained within an enterprise.
► It may consist of many interlinked local area
networks and also use leased lines in the
wide area network.
► The main purpose of an intranet is to share
company information and computing
resources among employees.
► An intranet can also be used to facilitate
working in groups and for teleconferences.
► An intranet uses TCP/IP, HTTP, and other
Internet protocols and in general looks
like a private version of the Internet.
► Typically, larger enterprises allow users
within their intranet to access the public
Internet through firewall servers that
have the ability to screen messages in
both directions so that company security
is maintained.
► When part of an intranet is made
accessible to customers, partners,
suppliers, or others outside the company,
that part becomes part of an extranet.
 Planning an Intranet
► The purpose and goals of the intranet
► Persons or departments responsible for
implementation and management
► Functional plans, information architecture, page
layouts, design.
► Implementation schedules and phase-out of existing
systems
► Defining and implementing security of the intranet
► How to ensure it is within legal boundaries and other
constraints
► Level of interactivity (eg wikis, on-line forms)
desired.
► Is the input of new data and updating of existing
data to be centrally controlled or devolved
 Actual
►
Implementation
The actual implementation of intranet includes
following steps:
 Securing senior management support and funding.
 Business requirements analysis.
 Setting up web server access using a TCP/IP network.
 Installing required user applications on computers.
 Creation of document framework for the content to be
hosted.
 User involvement in testing and promoting use of intranet.
 Ongoing measurement and evaluation, including through
benchmarking against other intranets.
 Requirements &
Recommendations
► Network Service
► Directory Service
► Security Service
► Messaging Service
► Application Service
► File Service
► Database Service
► Cal Poly Pomona Web
 Types of Intranet

Collaboration Distributed
Platform Intranet
Internal
Website
 The Collaboration
Platform
► This type is very big on two-way
publishing.
► Users publish just as much as they
consume.
► This type of intranet is big on
discussion forums and other ways to
people to connect with each other.
► Information tends to be less formal,
more conversational.
 The Internal Website
► This type is based on one-way publishing.
People who interact with it are divided into
two groups: consumers and publishers.
► There is a defined “admin side” to it which
comparatively few people have access.
► Information is reviewed before it’s
published, and it’s often subject to workflow
and approvals.
► The intranet is structured just like a public
Web site, it just happens to be behind the
firewall.
 The Distributed Intranet
► In larger organizations, intranet very quickly
becomes decentralized.
► It does not end up with a single, definable
“intranet,” but with dozens or even hundreds
of small applications (e.g. - a phone directory,
an announcements system, a document
library) that are grouped around common
infrastructure, like a centralized user
database and a centralized store of design
elements so all the mini-applications can look
the same.
Intranet Advantages
► Workforce Productivity
 Intranets can also help users to locate and
view information faster and use applications
relevant to their roles and responsibilities.
► Time
 With intranets, organizations can make
more information available to employees on
a "pull" basis.
► Communication
 From a communications standpoint,
intranets are useful to communicate
strategic initiatives that have a global reach
throughout the organization.
► Web publishing
 It allows 'cumbersome' corporate knowledge to
be maintained and easily accessed throughout the
company using hypermedia and Web
technologies.
► Business operations and management
 Intranets are also being used as a platform for
developing and deploying applications to support
business operations and decisions across the
internetworked enterprise.
► Cost-effective
 Users can view information and data via web-
browser rather than maintaining physical
documents such as procedure manuals, internal
phone list and requisition forms.
► Cross-platform Capability
 Standards-compliant web browsers are
available for Windows, Mac, and UNIX.
► Immediate Updates
 When dealing with the public in any capacity,
laws/specifications/parameters can change.
► Promote common corporate culture
 Every user is viewing the same information
within the Intranet.
► Enhance Collaboration
With information easily accessible by all
authorised users, teamwork is enabled.
 Intranet
Disadvantages
Management concerns
Management fears loss of control
Hidden or unknown complexity and costs
Potential for chaos

Unauthorized access
Security concerns Abuse of access
Denial of service
Packet sniffing

Productivity concerns
Overabundance of information
Information overload lowers productivity
Users set up own web pages
Intranet Architecture
► Before discussing the Intranet Architecture a
few background concepts need to be
introduced.
► Sources of Information
 Formal information
► This is the information with which the formal management
infrastructure is most concerned.
 Project/group information
► Itis used to communicate and share ideas, coordinate activities or
manage the development and approval of content that eventually
will become formal
 Informal information
► Inthe informal information the URL can be given to the interested
parties, and the latest version can be read and tracked as it
changes.
► Typesof Pages
 Content pages
►Content pages can take many forms.
►They may be static pages, like the ones you
are reading here, or they may be active pages
where the page content is generated.
 Broker pages
►Broker pages serve an explicitly defined
audience or function.
►A hyperlink broker page contains links to other
pages, in context.
►Many of the pages with which we already are
familiar are broker pages
 The Intranet
Infrastructure
► The Enterprise Map
► Shadow Maps
► General Brokering
► Workflow Management
► Access to Database Information
 Enterprise Map
►A structured set of broker pages can be very useful
for managing the life cycle of published content. We
call this the Enterprise Map
► The Enterprise Map also does not have to be based
on organization. It could be a logical map where the
top level is the mission, the next level the major
focuses required to accomplish the mission, and so
on, down to the content level.
► the Enterprise Map begins with a top page, owned
by the CIO and /or CEO (with responsibility usually
delegated to the Web Administrator).
► The Map provides a commitment (or accountability)
view of all the formal content in the enterprise.
 Shadow Map
► The Shadow Map works the same way as
the Enterprise Map, but it is not generally
advertised and can be protected by
passwords or other access controls.
► A Shadow Map continues down to the
author level.
► The author maintains an Index Page that
is divided into two sections, work
commitments and work completed.
► Finally work completed must meet the
work commitments.
Shadow Page Diagram
 General Broking
►A broker may provide information to users in
the context of specific processes, providing
structure for efficiency and consistency.
► Most knowledge worker jobs today involve
some form of information brokering.
► An individual may start the page for himself,
these pages can be a valuable way to identify
and quickly meet new requirements.
► However there is no guarantee that the
content in these pages are verified or that the
author will keep the content current. 
General Broking
Diagram
 Workflow Management
► Workflow management is a relatively new
focus for the Intranet.
► Email, threaded-mail discussion groups and
news groups provide forums for discussion
and resolution of issues.
► The HTML "mailto:" function has been used
to provide reviewers with easy connections
through their browser to these forums.
 Access to Database
Information
► Three models of access can be
identified: 
► Automatic tailoring of page content
► User specified database requests
► User initiated database updates
 Designing an Intranet
(Building Corporate Wide
Web )
► Points
to keep in mind while
designing the Intranet
 Integrating Information Design
 Don’t Overlook Design
 Implementation of Tasks rather than
Documents
 Organize tasks into larger processes
 Virtual Workgroups
 Reflection of Intranet
 Integrating Information
Design
► It is must to integrate all information collected
in the organization to develop the intranet.
► All the information must be according to the
business needs and business planning.
► Focusing on processes rather than departments
is a widely-hailed business trend.
► Intranet should help employees in collaborating
on business process such as product
development or any order fulfillment.
 Don’t Overlook Design
► An intranet needs to be carefully
designed to help employees’ access
information and collaborate effectively.
► None of the design should present any
irrelevant information of the company.
► There must be an organization chart of
the company to represent the company
flow chart to outsiders and as well to its
employees.
 Implementation of Tasks
rather than Documents
► Intranet is not just a collection of documents rather
it is the collection of information.
► Intranet users actually use documents to complete
the tasks.
► These task can be organized in a way that all
process should be done accurately.
► Finally on the basis of these tasks employees does
different functions, as required
 Organize tasks into larger
processes
► Itis required that all isolated tasks are
collected together and make a larger
process.
► The most important processes in a
company are those that create value for
a customer.
► Processes can be relatively distinct, such
as developing or selling products.
► So all the processes must be handled in a
way that for intranet users it should be
an easy task to perform.
 Virtual Workgroups
► For intranet users there must be virtual
workgroup to work together.
► Intranet can also bring together
employees and partners who are
geographically isolated to work on
common problems.
► By putting all people together they can
work on single task with their best.
► The central to the value of an intranet
is the design of virtual spaces, which
promotes new forms of collaboration,
but in being paid less attention.
 Reflection of Intranet
► An intranet is actually the reflection of
the company.
► By seeing the intranet of any company
people can make decision how the
company can be.
► An intranet that reflects the culture of its
company will make employees feel more
at home.
► For the intranet to be successful, it must
provide ways of empowering all
employees.
 HTTP Protocols
► HTTP stands for Hypertext Transfer
Protocol.
► It is an TCP/IP based communication
protocol which is used to deliver
virtually all files and other data,
collectively called resources, on the
World Wide Web.
► These resources could be HTML
files, image files, query results, or
anything else.
 Important things about
HTTP
► HTTP is connectionless:
 After a request is made, the client disconnects from
the server and waits for a response. The server
must re-establish the connection after it process the
request.
► HTTP is media independent:
 Any type of data can be sent by HTTP as long as
both the client and server know how to handle the
data content. How content is handled is determined
by the MIME specification.
► HTTP is stateless:
 This is a direct result of HTTP's being
connectionless. The server and client are aware of
each other only during a request. Afterwards, each
forgets the other. For this reason neither the client
nor the browser can retain information between
different request across the web pages.
HTTP Protocol Diagram
 Request Message
► The Request Message of HTTP consists
of the following:
 An initial line <CRLF >
 Zero or more header lines <CRLF >
 A blank line ie. a <CRLF >
 An optional message body like file, query
data or query output.
 REQUEST METHODS

SAFE METHODS UNSAFE

METHODS
Methods are used only Methods are used
for information retrieval for making changes
and should not change in information in
the state of the server. the server.
Ex: HEAD, GET, Ex: POST, PUT,
OPTIONS, TRCE DELETE
 Request Methods
► HEAD
 This method is often used for testing
hypertext links for validity, accessibility, and
recent modification.
► GET
 The GET method is used to retrieve whatever
information (in the form of an entity) is
identified by the Request-URI.
► POST
 The POST method is used to request that the
origin server accept the entity enclosed in
the request as a new subordinate of the
resource identified by the Request-URI in the
Request-Line.
 Request Methods
► PUT
 Put method is used to upload a
representation of the specified resources.
► DELETE
 The DELETE method requests that the
origin server delete the resource
identified by the Request-URI.
► TRACE
 The TRACE method is used to invoke a
remote, application-layer loop- back of the
request message.
 Request Methods
► OPTIONS
 The OPTIONS method represents a
request for information about the
communication options available on the
request/response chain identified by the
Request-URI.
► CONNECT
 This method is used to convert the
request connection to a transparent
TCP/IP tunnel.
 HTTP Versions
► HTTP 1.0
 This is the first protocol version in
communications and mainly used by proxy
servers.
► HTTP 1.1
 It is the current version. It allows request
pipelining, multiple user request to be sent at
the same time.
► HTTP 1.2
 This is the working draft of Protocol Extension
Protocol. It was published in Feb’2000. This is
the future protocol version.
 STATUS CODES
► Success 2xx
 These codes indicate success.
► No Response 204
 Server has received the request but there is no information
to send back, and the client should stay in the same
document view.
► Error 4xx, 5xx
 The 4xx codes are intended for cases in which the client
seems to have erred, and the 5xx codes for the cases in
which the server is aware that the server has erred.
► Bad request 400
 The request had bad syntax or was inherently impossible
to be satisfied.
► Unauthorized 401
 The parameter to this message gives a specification of
authorization schemes which are acceptable.
 STATUS CODES
► Not found 404
 The server has not found anything
matching the URI given.
► Internal Error 500
 The server encountered an unexpected condition
which prevented it from fulfilling the request.
► Not implemented 501
 The server does not support the facility required.
► Service temporarily overloaded 502
 The server cannot process the request due to a
high load (whether HTTP servicing or other
requests).
 HTTP Persistent
Connection
► HTTP persistent connections, also called HTTP
HTTP persistent connections, also called HTTP
keep-alive, or HTTP connection reuse, is the
idea of using the same TCP connection to
send and receive multiple HTTP
requests/responses, as opposed to opening a
new one for every single request/response
pair.
► Using persistent connections is very
important for improving HTTP performance.
► In HTTP/1.1, persistent connections are the
default behavior of any connection.
 HTTP Session State
► S-HTTP (Secure HTTP) is an extension to the
Hypertext Transfer Protocol that allows the
secure exchange of files on the World Wide
Web.
► Each S-HTTP file is either encrypted,
contains a digital certificate, or both.
► S-HTTP does not use any single encryption
system.
► SSL (Secure Socket Layer) is another
protocol for secure network communication.
 TCP/IP Model
► TCP/IP stands for Transmission Control
Protocol/Internet Protocol which is widely
accepted and used communications protocol.
► TCP/IP has only four layers, which roughly
correspond to groups of the OSI model.
► The Internet, many internal business networks
and some home networks used TCP/IP.
► TCP (Transmission Control Protocol) – responsible
for reliable delivery of data.
► IP (Internet Protocol) – provides addressing and
routing information.
 TCP/IP Layers
► The four layers in TCP/IP are :
 Application Layer
 Transport Layer
 Internet Layer
 Network Interface Layer
OSI and TCP/IP Model
TCP/IP vs. OSI

Application 7 Application

6 Presentation

5 Session

Transport 4 Transport

Internet 3 Network

Network Interface 2 Data Link

1 Physical
 Network Interface Layer
► Provides physical interface for transmission
of information.
► Covers all - mechanical, electrical, functional
and procedural - aspects for physical
communication.
► This layer attempts to provide reliable
communication over the physical layer
interface.
► Supports points-to-point as well as broadcast
communication.
► Supports simplex, half-duplex or full-duplex
communication
 Internet Layer
► Implements routing of frames
(packets) through the network.
► Defines the most optimum path the
packet should take from the source to
the destination
► Handles congestion in the network.
► The network layer also defines how to
fragment a packet into smaller packets
to accommodate different media.
 Transport Layer
► Purpose of this layer is to provide a
reliable mechanism for the exchange of
data between two processes in different
computers.
► Ensures that the data units are delivered
error free.
► Ensures that there is no loss or
duplication of data units.
► Provides for the connection
management.
► Multiplex multiple connection over a
single channel.
 Application Layer
► Application layer interacts with application
programs and is the highest level of TCP/IP
model.
► Application layer contains management
functions to support distributed
applications.
► Examples of application layer are
applications such as file transfer,
electronic mail, remote login etc.
Issues in Intranet Security
► Security through Obscurity
► Using the Server Security
► Firewalls
► Virtual Private Network
 Security through
Obscurity
► Security through obscurity is the way to prevent
casual users from accessing your Intranet is to
make it hard to find.
► There are a few ways to hide your Intranet.
 Using non-standard ports - The standard port is 80.
Using a different port will make it harder to find.
 Using hard to guess names - Most companies use WWW
for the Web server machine name. Using something
different can make it harder to find.
 Hiding your server's name - This can be done by not
listing it in the DNS tables for your site, and not using it
to browse the Web, send e-mail, or post to Usenet.
►
Using the Server Security
► There are two security models you can use to
secure your Web server:
► Restricting by IP Address
 Almost all Web servers have an access list that defines
what machines or networks are allowed to retrieve
documents or submit forms. This access list is usually
made up of a list of allow and deny fields.
► Usernames and Passwords
 When a user encounters a page that is protected, a
box appears asking for username. After the username
is entered, the password is required. Once the
password has been entered, it is checked to make
sure it is the correct one.
 Firewalls
► Firewalls are a system or group of systems
that enforce a policy between two
networks.
► In most cases one of the networks is the
Internet; however, firewalls can be placed
between any two networks.
► Firewall consists of software which blocks
access to internal network from the
Internet.
► Firewalls are split into two different
categories: network-level and application-
level firewalls.
 Virtual Private Network
►A VPN uses hardware or software to encrypt
all the traffic that travels over the Internet
between two predetermined end-points.
► VPN technology at present works best for
encrypting traffic between two known points
that are accepted as valid destinations for
traffic.
► Once a link is established, VPN is used to
encrypt the information which is sent.
 Future of Intranet
► Corporate intranet will take an increasing
importance as more and more businesses turn to
Web-based applications to manage core business
systems like SAP and PeopleSoft.
► Companies are learning that on-demand Web
services are cheaper to maintain and easier to use
than hosting software on their own systems.
► All of these Web-based applications can be bundled
into the corporate intranet where they can be
accessed securely with one network password.
 Protocols of
Communications
► There
are so many protocols used for
communications:
 HTTP
 TCP/IP
 SMTP
 NNTP
 FTP
 SOAP
 UDP
 Protocols of
Communications
► SMTP
 SMTP is a short for Simple Mail Transfer
Protocol and it is used to transfer e-mail
messages between computers.
 Simple Mail Transfer Protocol is a 'push'
protocol and it cannot be used to 'pull' the
messages from the server.
 SMTP is used to send the message from the
mail client to the mail server
► NNTP
 Network News Transfer Protocol is the
predominant protocol used by computer
clients and servers for managing the notes
posted on Usenet newsgroups.
 NNTP servers manage the global network
of collected Usenet newsgroups and
include the server at your Internet access
provider.
 An NNTP client is included as part of a
Netscape, Internet Explorer, Opera, or
other Web browser or you may use a
separate client program called a
newsreader
► FTP
 Short for File Transfer Protocol, the
protocol for exchanging files over the
Internet.
 FTP uses the Internet's TCP/IP protocols to
enable data transfer.
 FTP is most commonly used to download a
file from a server using the Internet or to
upload a file to a server (e.g., uploading a
Web page file to a server).
► SOAP
 SOAP stands for Simple Object Access
Protocol.
 SOAP is a communication protocol
 SOAP is for communication between
applications
 SOAP is a format for sending messages
 SOAP communicates via Internet
 SOAP is platform independent
 SOAP is language independent
 SOAP is based on XML
 SOAP is simple and extensible
 SOAP allows you to get around firewalls
► UDP
 User Datagram Protocol or UDP is part of
the Internet Protocol suite, using which,
programs running on different computers
on a network can send short messages
known as Data grams to one another.
 UDP can be used in networks where TCP is
traditionally used, but unlike TCP, it does
not guarantee reliability or the right
sequencing of data.
 UDP is a stateless protocol which is useful
for servers engaged in answering short
queries from a large number of clients.