Authorize.net is technically a gateway - it connects to processors (Chase Paymentech, First Data, Elavon, etc.), which, in turn, connect to the associations (Visa/MC/etc). The associations connect acquiring banks on the merchant side and issuing banks on the cardholder side through a network called interchange.
When a cardholder goes to purchase something, the merchant communicates with their acquiring bank to request an authorization. The acquiring bank communicates with the issuing bank via the network to request the authorization. The issuing bank checks the cardholder's account to make sure it's in good standing and has the amount requested, and then holds that amount on the account. It sends a reply message to the acquirer along with an authorization code. The acquirer replies to the merchant. However, communication is not typically done directly to the acquirer - which is where processors and gateways come into play.
No money has actually changed hands at the time of the authorization - that happens through a batch process called capture or settlement (they are technically slightly different in some definitions, but used interchangeably). At capture, the acquirer is sent a message
containing the credit card number, some information about the authorization (address verification/card verification responses, the merchant's descriptor - the name that appears on the credit card statement, and some indicators about how the payment was processed), and the amount to be captured. The gateway keeps the credit card information securely and sends it to the processor, who communicates it through the network. The issuers send the money to the acquirers, who put it in the merchant's bank account (either via ACH wire transfer if their primary account is at a different bank, or directly).
Gateways originally came into being (for the most part, there are other reasons such as value added services like security, fraud control, and reporting) because the processors did not typically allow any kind of direct internet connection - VPN or otherwise. Communication was usually done over leased lines or some other type of dedicated circuit. Since most merchants do not have the means or desire to maintain a leased line, gateways created an internet link to allow connection to a large number of processors, while also simplifying the communication with those processors and providing value-added services.