In your own words does Enclave as a unit of security does it describe Intranet or a much large Concept? What if Enclaves are in different Domains?| Solution Enclaves are defined as a set of information and processing capabilities that are protected as a group. The information processing capabilities may include networks, hosts, or applications. An enclave is a representation of a business transaction or unit of work. Each individual enclave that is active in an address space is assigned a unique dispatching and input/output (I/O) priority, which is determined by the goals the user assigns to the enclave. The workload manager then allocates resources to each enclave based on its priority. If several transactions are concurrently sharing the same address space, the less important transactions are deferred until resources needed by the more important transactions become available. A Enclave is a section of an internal network that is subdivided from the rest of the network. The purpose of a network enclave is to limit internal access to a portion of a network. It is necessary when the set of resources differs from those of the general network surroundings. Typically, enclaves are not publicly accessible. Internal accessibility is restricted through the use of internal firewalls, VLANS, network admissions control and VPNs. An enclave is an environment under the control of a single authority with personnel and physical security measures. Enclaves typically contain multiple local area networks (LAN) with computing resource components such as user platforms; network, application, and communication servers; printers; and local switching/routing equipment. This collection of local computing devices is governed by a single security policy regardless of physical location. Because security policies are unique to the type, or level, of information being processed, a single physical facility may have more than one enclave present. Local and remote elements that access resources within an enclave must satisfy the policy of that enclave. A single enclave may span a number of geographically separate locations with connectivity via commercially purchased point-to-point communications. Enclave protection tools can be used to provide protection within specific security domains. These mechanisms are installed as part of an Intranet to connect networks that have similar security requirements,Network Enclaves consist of standalone assets that do not interact with other information systems or networks. A major difference between a DMZ or demilitarized zone and a network enclave is a DMZ allows inbound and outbound traffic access, where firewall boundaries are traversed. In an enclave, firewall boundaries are not traversed. An enclave cannot cross organizational boundaries. A Collaborative Domain (CD) connects or contains enclaves at one or more sites, and is the natural mechanism for instantiating inter- organizational collaborations. The CD provides the association.