B.1 Understanding Baselines

The purpose of establishing a baseline is to set a standard for future comparison and correlation. Baselines do not have to represent the ideal state of your endpoints or asset groups. They are just intended to provide an initial snapshot so you can see what has changed.

The baseline process includes defining baseline criteria sets for objects to be monitored on target endpoints, taking snapshots of those target endpoints or asset groups using the criteria, and then using those snapshots for future comparison and reporting. A baseline criteria set represents the criteria you define for a target endpoint that you want to use in establishing a baseline.

You can establish a single baseline or multiple baselines for each endpoint, using a single set of criteria or multiple sets of criteria. For example, you might establish a baseline for the UNIX files in a particular directory, noting file size and last modification time. When you run the baseline comparison check, you can see if any files have been added, deleted, or otherwise modified. You can also combine one or more baseline criteria sets to form a baseline collection. In a baseline collection, each criteria set represents a separately named baseline, but you can run a single report for multiple baselines at the same time.
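The directory example above can be sketched in a few lines. This is an added illustration, not Secure Configuration Manager code or its agent logic: the function names (snapshot, compare, report, demo) and the two criteria-set names are hypothetical, and the sample files are constructed in a temporary directory. It shows two separately named baselines in one collection, reported together, and how the chosen criteria determine which changes are visible.

```python
# Added illustration; names are hypothetical, not a Secure Configuration Manager API.
import os
import tempfile

def snapshot(directory, criteria=("size", "mtime")):
    """Record the chosen attributes for every regular file under directory."""
    snap = {}
    for root, _dirs, files in os.walk(directory):
        for name in files:
            path = os.path.join(root, name)
            st = os.stat(path)
            attrs = {"size": st.st_size, "mtime": st.st_mtime_ns}
            snap[os.path.relpath(path, directory)] = {k: attrs[k] for k in criteria}
    return snap

def compare(baseline, current):
    """Return files added, deleted, or modified relative to the baseline."""
    added = sorted(set(current) - set(baseline))
    deleted = sorted(set(baseline) - set(current))
    modified = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return {"added": added, "deleted": deleted, "modified": modified}

def report(collection, directory):
    """Run one report over a collection of separately named baselines."""
    return {name: compare(b["snapshot"], snapshot(directory, b["criteria"]))
            for name, b in collection.items()}

def demo():
    # Constructed sample data: a temporary directory standing in for an endpoint.
    with tempfile.TemporaryDirectory() as d:
        for name, body in (("passwd", "root\n"), ("hosts", "127.0.0.1\n"), ("motd", "hi\n")):
            with open(os.path.join(d, name), "w") as f:
                f.write(body)
        collection = {"size-only": {"criteria": ("size",)},
                      "size-and-mtime": {"criteria": ("size", "mtime")}}
        for b in collection.values():
            b["snapshot"] = snapshot(d, b["criteria"])
        # Changes made after the baselines were taken.
        os.remove(os.path.join(d, "motd"))
        with open(os.path.join(d, "new.conf"), "w") as f:
            f.write("x\n")
        with open(os.path.join(d, "hosts"), "a") as f:
            f.write("10.0.0.1\n")
        os.utime(os.path.join(d, "passwd"), ns=(1, 1))  # same size, new mtime
        return report(collection, d)

if __name__ == "__main__":
    for name, diff in demo().items():
        print(name, diff)
```

The size-only baseline does not flag passwd, whose modification time changed while its size did not; the baseline that also records modification time does.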

NOTE: To use the baselines feature, you must install the appropriate Secure Configuration Manager agents for your target endpoints.