Working with policies is really great, except NCM is missing some way to remediate all the blocks in violation of the policy. The policy is able to detect violations in multiple blocks of a configuration, such as multiple interfaces. It already has the ability to detect the "start line" that should be able to loop through each of the detected start lines and go into that configuration section using that start line and execute the remediate script.
We prefix each interface for its purpose in the description. So we are able to write a policy to detect the interface and prefix to determine what policy/rules should be applied to the interface. It works great to pull a list of interfaces not configured properly, but it would be better to have some ability to remediate them too.
I already created an old thread about this.
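
The per-block loop requested above, sketched outside NCM as an added example (not SolarWinds code and not the poster's script): it splits a configuration into interface blocks, selects rules by description prefix, and emits remediation commands under each violating block's start line. The `USER`/`UPLINK` prefixes, the required lines, the sample config and all function names are assumptions.

```python
import re

# Constructed sample config (not from the original post).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 description USER: desk 101
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/2
 description USER: desk 102
 switchport mode access
!
interface GigabitEthernet0/3
 description UPLINK: core-1
 switchport mode trunk
!
interface GigabitEthernet0/4
 description USER: desk 104
!
"""

# Hypothetical rules: description prefix -> lines every such block must contain.
REQUIRED = {
    "USER": ["switchport mode access", "spanning-tree portfast"],
    "UPLINK": ["switchport mode trunk"],
}

# A block is its start line plus the indented lines that follow it.
BLOCK = re.compile(r"^(interface .+)\n((?:[ \t]+.*\n?)*)", re.M)

def interface_blocks(config):
    """Yield (start_line, body_lines) for every interface block."""
    for m in BLOCK.finditer(config):
        yield m.group(1).strip(), [l.strip() for l in m.group(2).splitlines()]

def remediation(config, rules=REQUIRED):
    """Return fix-up commands, grouped under the start line of each violating block."""
    commands = []
    for start, body in interface_blocks(config):
        # The description prefix decides which rule set applies to this block.
        m = next((re.match(r"description (\w+):", l) for l in body
                  if l.startswith("description ")), None)
        missing = [r for r in rules.get(m.group(1), []) if r not in body] if m else []
        if missing:
            commands += [start, *missing, "exit"]  # enter section, fix, leave
    return commands
```

Blocks with no description, or with a prefix that has no rule set, produce no commands, so only interfaces that a rule actually covers are touched.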