Some of the blockchain applications are not meant to be totally decentralized but they should work together with the corporate internal IT infrastructure. Such a solution requires special considerations, as the mission critical business logic is separated into two parts:
1. on the one hand, critical decentralized business logic will run on the blockchain as smart contracts.
2. on the other hand, critical centralized business logic should run on the corporate intranet, absolutely separated from the internet.
To integrate these two requirements might seem to be contradictory for the first sight, what you can do to create a secure infrastructure is to have some proxy Blockchain nodes on the DMZ segment of the system to create an integration with the live blockchain network. On the other hand there should be some internal nodes in your internal network segment to be able to communicate with your internal centralized business logic. To integrate the two versions of the blockchain nodes, there should be a couple of mechanisms regarding offline signs and transferring the offline signed transactions from your offline nodes to your online nodes.