An extended network is what you would have when you give domain privileges to your network neighbors. Doing so implies that you have created a user account for them, and possibly a machine account.

Chances are that if you were diligent about creating this type of network, you would also have defined and put into place a set of policies. If this sounds like a lot of work to you, it does to us as well.

You would want to create an extended network in situations where the number of users isn’t excessive and for which you want to manage some type of application that isn’t going to be Webbased.

A Web-based application really only requires an Internet connection for each user with identification provided through their browser. An example of this kind of application would be a messaging application such as Exchange or Domino, or a collaborative information application such as Microsoft Sharepoint or Lotus Notes where a user account is required to access the service.

While it’s true that you can get mail from Exchange or Domino through a Web-based client, an application accessed over a network is more secure and less troublesome. Mail is there for your clients even when the Internet connection is broken. Truth be told, we’re not big fans of allowing domain access to outside users.

It really isn’t necessary and it has a number of security risks associated with it that aren’t worth taking. Managing a large number of accounts for a network neighborhood isn’t really something you want to do unless there is some very specific value in it.

The better way is to create a second network domain for your neighborhood and set up the trust relationship so that if the outside domain authenticates the user that authentication can be passed through to your network domain.

Chances are that if all of this talk about domains, authentication, and machine accounts has your head spinning, then you aren’t likely to want to be managing an enterprise application that makes an extended network necessary.

You should probably concentrate on creating some version of a hotspot or a captive portal. The software necessary to create and manage both of these types of “open” networks is out there to be purchased; and entire turnkey systems can be deployed.