I have this marked as a discussion but it's also sort of a question.
I'm trying to figure out where baseline management fits into our strategy for configuration standardization. I may be wrong but the way I understand how baselines work is that they are not capable of "iterating" through a configuration to check, for example, certain interfaces. Once they find a match (or don't) they stop looking, which means they'd still be potentially useful to me for "global defaults" like AAA, SNMP, Syslog, etc. configurations. My issue is I could just as easily achieve the same results with a compliance rule->policy->report and compliance rules are capable of handling interfaces or other repeated blocks of configuration a device might have. If there's a violation, the rules can be set to either automatically remediate or let me manually do it when I get the report, I can't tell if baseline management has an equivalent functionality. Also baselines have to be manually assigned to nodes, whereas compliance policies can be configured to apply to a dynamic selection of nodes.
So my question is where does baseline management fit? There seems to be a lot of overlapping functionality between the two methods and if they were each part of a different "product" or module I could understand it but they're both components of NCM. What am I not seeing regarding baseline management's benefits or compliance reporting's downsides? Should I use one over the other or should I be using both in some way?
