
At the same time that I was working at an ISP on a product that would let employees from various companies connect via dial up and VPN into their corporate networks (whose gateways were also on our network), several of my co-workers were using a VPN of their own to connect to their home networks, but not to access the resources on those home networks (although some did that too). They wanted to use the internet from their machines at home in order to hide their internet activity from our IT department.

This is basically the same thing people do with VPNs now, only instead of hiding their internet activity from IT, they hide it from their ISP.

VPNs were always used for things other than connecting someone to a corporate network, it's just that most of the general internet population at that time (and I'm guessing you're old enough to remember this) were not aware of the technology and not tech savvy enough to set it up. This is true even for the employees of the companies we had as customers. We had to build entire software products that did nothing but hand hold people through setting up a dial up networking connection. It's not surprising that corporations were the majority users of VPN technology until the rest of the public (who don't have IT staff) caught up, at which point it became increasingly more common for people to use it to hide their internet traffic.



I don't doubt that, I was replying to this:

> You are wrong on this, the private part indicates the privacy it provides not the destination.

In your own recollection, what do you think "Virtual Private Network" stood for? Connecting private networks together, or privacy?


I took it to mean a private network connecting two end points, not necessarily connecting two private networks, just that the tunnel (the network between them) was virtual and secure so the traffic exchanged couldn't be eavesdropped on, or modified, by every random node as it passed through the untrusted internet.

I might have been influenced by the product we were selling though. These were dial up users on workstations looking to access their company's LAN so the idea of connecting two discrete private networks wouldn't have fit as well. There was also a lot of focus on the insecurity of passing traffic (even encrypted traffic) over the internet. We had companies paying us a premium to sign up for the service and host their gateway on our network so that the traffic between the users who dialed in and the company's own network never left the ISP's network (never reached the internet at large). I knew at the time it was marketing and that with a well encrypted connection it shouldn't matter if the traffic ever left our "cloud", but it could have helped to shape my view of the technology.

Clients ate that up too. The internet was scary to them. Being able to say that their employee will dial directly into our equipment, and that no packet would pass through a device we didn't operate until the moment it hits your company's gateway made a lot of companies feel better about letting workers remote in.


Fair, it does seem that "privacy" VPNs are a lot older than I thought and possibly as old as the "VPN" moniker. (Assuming that your project was in the 90s, which it sounds like.)

At this point it just seems like arguing for arguing's sake, but I was rejecting the notion that VPNs were always intended for privacy (along with saying others are wrong for suggesting otherwise). It still seems to me that VPNs did not always imply "privacy", and I think in my sibling comment to this, an RFC from 1999 seems to support that (focusing on "intranets" and "extranets" in the definition of a VPN, and only mentioning encryption once as an optional component, with possibly only authentication instead, or even none).


I agree, VPNs were absolutely not always used to hide internet activity, but sometimes they were. Early on they were certainly most often used by companies to connect networks or to connect to resources on their intranet, the need (and the money) was primarily there, but I'm not surprised that using VPNs for privacy reasons got more popular as time went on. Even back then I thought it was pretty cool/useful tech and I had no LAN to speak of.


I agree with all of that, too! And yeah, I think by now the meaning of "VPN" has well shifted, likely because of the privacy enhancement getting too popular (and I think I've also noticed that terms like "Intranet" and "Extranet" have somewhat fallen out of favor, too, but maybe that's just in my environments).


It's not a question of recollection. Read the acronym carefully. It is virtual and it is a network. Not the destination but the tunnel itself is the network that is private. It was described as such from the start and in no networking context have I ever heard otherwise (correct me if wrong please).

Let's say you have an IPSec tunnel between a branch location and HQ site. The typical solution was GRE where you encapsulate it inside another IP packet that has public IPs only for the destination to decapsulate it. When VPNs came along they added privacy hence the name.

In networking you are not connecting two networks. You are interconnecting three networks! The branch would have its own subnet, so would HQ, but the VPN also would have its subnet, all routed as separate networks. The tunnel network getting privacy because it traverses untrusted networks (back in the day it wasn't typically the internet but ATM, frame relay, T1, etc... "directly" between sites), that's where the term cloud comes from FYI, the untrusted magic ISP network in the sky.


This might be the most pedantic thread (on my part, too) I was ever part of. :)

The earliest reference to VPN I can find in the RFCs, RFC2547, seems to call the "destination" (the network spanned by the tunnel) the VPN, not the tunnel itself:

    "If all the sites in a VPN are owned by the same enterprise, the VPN
    is a corporate "intranet".  If the various sites in a VPN are owned
    by different enterprises, the VPN is an "extranet".  A site can be in
    more than one VPN; e.g., in an intranet and several extranets.  We
    regard both intranets and extranets as VPNs."

That same RFC has only one mention of encryption at all, in passing, and as being optional (note the "and/or"):

    A security-conscious VPN user might want to ensure that some or all
    of the packets which traverse the backbone are authenticated and/or
    encrypted.

It does not seem to me that privacy was implied.

I still think that VPNs were invented to connect smaller private networks to a larger private network together, where private != privacy. (But rather related to authorities, such as using "private IP addresses" in e.g. 10.0.0.0/8, instead of publicly routable ones.)

Privacy was a (good, likely popular) option, but just not part of the strict definition of what a VPN is (much unlike today).


If you show me GRE being called a VPN I will concede, and yeah very pedantic but it is good to learn through discourse as well I think.



