In short, an extranet can be considered to be a very free and open intranet, or a very restricted public web site. More specifically, an extranet is a private network over the Internet protocol (usually http or https) to help an organization share information with other people and organizations that it deals with. It is neither part of the organization's intranet, nor its public web site, yet is related to both.
One of the main purposes of an extranet is to allow certain people who are not part of the organization to have access to certain private information provided by the company that is not accessible from its public web site. This may include business to business collaboration and transactions, access to customer data, vendor tools, supplier tools, and more.
Extranets should be protected by a firewall, and offer encryption, digital certificates, or other forms of protection for both the organization running the extranet as well as the person using it.
An extranet typically requires some form of authentication, usually in the form of a username and password. This is most often accomplished through file and directory/folder permissions set by the operating system, though other authentication methods may be used.
A properly secure intranet will never have links pointing to it, and should not even be accessible to users not directly connected to the organizational network. Conversely, the extranet is accessible and easily found by the public - if they have been given the proper credentials.