I am all about the baselines. I’ve made an entire career out of them. But if you were to ask a random person on the street what that means, the reaction would be: “Who the heck are you, and why are you asking me random weird questions.” So it would be better if you found someone in the tech industry at least.
The power that this functionality provides can then be extended beyond the original asset. How does the software on one server compare to the software on all of the servers around it? Server admins now had a way to measurably test whether or not the servers in their cluster are identical in all of the important ways. Disaster recovery specialists could now ensure that their assets at the disaster recovery site are identical to the servers at their primary production site.
My old boss Gene Kim had an old saying: Servers should be like fuses. When one tripped, you should just be able to replace it. We made our bones on this concept. Telling when a server or an application tripped so that the admins could quickly move to mitigate the issue.
Years ago, you might have heard terms like “Golden Image” or “Standard Image” bandied about as admins kept a library of known good operating systems ready to deploy as necessary. Tripwire was the solution to help them ensure the integrity of those images with our baselining capabilities. Even so, Kim also had an interesting thought experiment.
What would you rather have: one thousand secure servers but all configured differently or 1000 mostly secure servers but configured the same? Gut reaction, of course, is to select the secure servers, but think about the administrative costs of managing 1000 separate servers.
That takes us to the evolution of baselines and the computing industry as a whole really.
Image

The Early Days of the Baseline Question
In the old days (all of 20 some odd years ago), the question about baselines centered around performance at scale. IT professionals talked about clusters of computers (physical ones even) that needed to be identical in order for the application to operate correctly. Or in the event of a failover solution or disaster recovery scenario, they noted how servers or applications needed to be identical to ensure that businesses would continue to exist. The question of performance at scale even extended to the hardware layer. Hard drives, network cards, power supplies needed to be identical in order to be redundant.The Introduction of Software
Then came the idea that not only did the hardware need to be identical but so did the software. That’s where products like Tripwire came in. How could you tell whether or not the files or other objects on the asset were the same or different, not only on a single server but across several? You baseline them. You essentially take a snapshot of the objects. With that baseline in place, you can tell not only if something has changed on the asset itself but also if you have the original “image” to compare it to, allowing you to see how it's changed.Image
