Imagine NCM has a report telling you which network devices have vulnerabilities in firmware (e.g. IOS). Do you want the vulnerabilities to be displayed forever (i.e. until you upgrade firmware), or do you want to have the possibility to dismiss the vulnerability? If yes, then per device, or per vulnerability?