Model-based virtual networking

US9379946B2 · US · B2

Patent metadata

Publication number: US-9379946-B2
Application number: US-61680009-A
Country: US
Kind code: B2
Filing date: Nov 12, 2009
Priority date: Nov 12, 2009
Publication date: Jun 28, 2016
Grant date: Jun 28, 2016

Abstract

Architecture that facilitates the virtual specification of a connection between physical endpoints. A network can be defined as an abstract connectivity model expressed in terms of the connectivity intent, rather than any specific technology. The connectivity model is translated into configuration settings, policies, firewall rules, etc., to implement the connectivity intent based on available physical networks and devices capabilities. The connectivity model defines the connectivity semantics of the network and controls the communication between the physical nodes in the physical network. The resultant virtual network may be a virtual overlay that is independent of the physical layer. Alternatively, the virtual overlay can also include elements and abstracts of the physical network(s). Moreover, automatic network security rules (e.g., Internet Protocol security-IPSec) can be derived from the connectivity model of the network.

First claim

What is claimed is:

1. A computer-implemented network management system, comprising: a hardware processor and a memory, the hardware processor configured to execute instructions in the memory, that when executed, enable; an arrangement of nodes of a physical network comprising a physical layer; a connectivity model configured to define virtual connectivity between the nodes using connectivity semantics that define abstractions of machines and users of the network, and created to manage communications between the nodes of the physical network; and a translation layer comprising multiple translators, the translation layer between the connectivity model and the physical layer, the translation layer configured to translate the connectivity semantics into network policies and configuration settings for each node in the physical layer, which network policies and configuration settings enable management of the communications between the nodes using the translation layer.

2. The system of claim 1, wherein the multiple translators include a first translator dedicated to handling a set of security policies, a second translator dedicated to handling firewall policies, a third translator dedicated to handling SSL (secure socket layer) connections, and a fourth translator dedicated to handling gateways.

3. The system of claim 1, wherein the connectivity model describes a virtual network that overlays a physical layer and is independent of the physical layer.

4. The system of claim 1, wherein the connectivity model describes a virtual network that overlays a physical layer and includes elements and abstracts of the physical network.

5. The system of claim 1, wherein the connectivity model defines network security as part of the connectivity semantics.

6. The system of claim 1, wherein the connectivity semantics include machine identities and user identities of the nodes.

7. The system of claim 1, wherein the connectivity semantics include groups of nodes and groups of users.

8. The system of claim 1, wherein the connectivity semantics include node identities.

9. The system of claim 1, wherein the connectivity semantics manage ports and gateways of the physical network.

10. A computer-implemented network management system, comprising: a hardware processor and a memory, the hardware processor configured to execute instructions in the memory, that when executed, enable; an arrangement of nodes of a physical network; a connectivity model configured to define virtual connectivity between the nodes using connectivity semantics that define abstractions of attributes of the physical network; and a plurality of translators configured to translate the connectivity semantics into different policies or configuration settings for each of the nodes, to perform management of communications between the nodes of the physical network.

11. The system of claim 10, wherein the virtual connectivity describes a virtual network that overlays a physical layer and is independent of the physical layer.

12. The system of claim 10, wherein the virtual connectivity describes a virtual network that overlays a physical layer and includes elements and abstracts of the physical network.

13. The system of claim 10, wherein the connectivity model defines network security as part of the connectivity semantics.

14. The system of claim 10, wherein the connectivity semantics include machine identities and user identities of the nodes, groups of nodes and groups of users, and node identities.

15. A computer-implemented network management method performed by a computer system executing machine-readable instructions, the method comprising acts of: defining a connectivity model that describes a virtual network of connectivity between nodes of a physical layer based on connectivity semantics that define abstractions of properties of the virtual network; defining a translation layer comprising multiple translators configured to translate the connectivity semantics; and managing communications between the nodes of the physical layer based on the connectivity model.

16. The method of claim 15, further comprising translating the connectivity semantics into policies and rules that manage the communications between the nodes of the physical layer.

17. The method of claim 15, further comprising applying the virtual network as an overlay of the physical layer and independent of the physical layer.

18. The method of claim 15, further comprising applying the virtual network as an overlay of the physical layer that includes elements and abstracts of the physical layer.

19. The method of claim 15, further comprising applying network security to the physical layer as part of the connectivity model.

20. The method of claim 15, further comprising creating connectivity semantics that include machine identities and user identities of the nodes, groups of nodes and groups of users, and node identities.

Classifications

  • Discovery or management of network topologies

  • using virtualisation of network functions or resources, e.g. SDN or NFV entities

  • for managing network security; network security policies in general (filtering policies H04L63/0227)

  • Entity profiles

  • H04L41/145 (Primary): involving simulating, designing, planning or modelling of a network

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Panasyuk Anatoliy, Rangegowda Dharshan, Viswanathan Ram, and 6 more
What technology area does this patent fall under?
Primary CPC classification H04L41/145. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 28, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).