What are the differences in considerations in respect to designing or developing an Intranet and an Internet application ?
Some considerations...
- Security
- Site IO
- Traffic
- Data Model
- Need for scalability
Galwegian have wrote most of them already but I think you should consider more caching when it goes external because your database might be more active.
An other point is when you are inside your business (intranet) you might be able to use lower security parameter to access hard drive of you user. This is not possible with external website/application via the web.
One other thing, in an intranet environment you will generally have a standard client build meaning that you can code to a specific browser & version (ha, IE6 normally).
Out in the wilds of the internet, you have to deal with all sorts of browsers & versions, so your html/css/js needs to handle all of these.
Intranets often have a fixed set of browsers that are supported.
If you're lucky you can get away with ignoring IE6. Which is nice.
Intranet applications can take advantage of the ability to link to resources on internal UNC paths (e.g. \\corporateserver\devteam\ArchitectureDiagram.vsd
).
However, be aware that browsers differ in how they handle such links. In Firefox, by default, clicking a link to a resource on a UNC path silently fails (clicking the link does nothing); some workarounds for this are available. In Internet Explorer, links to UNC path resources do work by default.
On an intranet, you may be able to take advantage of existing authentication and authorization services. The banks I've worked for have had very secure third-party authentication services. At other companies using Windows platforms, Active Directory can be useful for both authentication and authorization (using "groups" to define roles).
When these features are available, you don't have to make as many decisions about hashing (and salting) or encrypting passwords, password strength, password expiration, and such. And you don't have to create all the admin pages for setting up users, retrieving or resetting passwords, etc. Users are not confronted with different password policies on different intranet applications, and can often use the same login credentials for multiple applications.
Not having to deal with all of this leaves you more time to spend on the application's main features.
Even though an intranet environment may seem to be less threatened by hackers, it only takes one breach to compromise the system. And, an intranet may be dealing with extremely sensitive data. So, I think you need to make intranet applications at least as secure as Internet applications.
It might be more productive to think of the similarities in design considerations.
You still need to ask yourself the same basic questions about what you are trying to solve, for who, what are their capabilities, what platform(s) do you have access to...etc.
The differences will become apparent quickly enough if you give appropriate consideration to the scope. Many of these have been signposted by other contributors here, but try and avoid making too many assumptions up-front.
Intranet Application are more for internal staffig and knowledge managemnet purposes..
its more moe sensative data to be shared within a network
http://www.dreamznetsolutions.com/intranet_applications.html
Please don't make the mistake of thinking that, because an app is exclusive to the intranet, that it doesn't need to be as secure as an internet app. If anything, it needs to be more secure, as there's a good chance it will be processing data more sensitive than the data the company's internet applications process.
If you rely on the security of the intranet, then your app will only be as secure as the intranet (and as secure as the weakest of all its users, who have their passwords written on sticky notes on their monitors).