© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Agenda
UCS Management Introduction
SNMP and the UCS
Smart Call Home
XML and the UCS
Authentication Methods
Organization & Locales
Role-Based Access Control
4
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Agenda
Multi-UCS Management
UCS in VMware Environments
Collection & Threshold Policies
Backups
5
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Management Introduction
Remote access to UCSM available via
– HTTP (Port 80)
– HTTPS (Port 443)
– SSH (Port 22)
– Telnet (Port 23 , disabled by default)
– SNMP (Port 161, disabled by default)
– CIM-XML (Port 5988 , disabled by default)
Multiple remote authentication mechanism available
7
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Management Introduction Model-Based Framework
8
GUI
Available
Comprehensive
Modular Reliable
Serviceable
CLI Standards
(SNMP, IPMI, etc)
Secure
Module Base
Open
XML API
Management
Information Tree
Data Management
Engine (DME)
Application
Gateways (AG)
Managed Endpoints
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM SNMP Evolution
UCSM 1.0(1) thru 1.2(1) releases
– IETF networking MIBs, such as the IF-MIB and the ENTITY-MIB were implemented
UCSM 1.3(1) release
– Reports equipment and logical faults
– UCS Fault MIB
– Sends SNMP Traps or Informs when UCSM fault is raised or cleared
UCSM 1.4(1) thru 2.1(1) releases
– 100% UCSM data model coverage via private MIBs
Subtitle: Size 18, Left Aligned
10
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM SNMP Features
Support for SNMPv1, SNMPv2c and SNMPv3
Cisco UCS supports read-only access to MIBs
If using SNMPv3 the following authentication protocols are available
– HMAC-MD5-96 (MD5)
– HMAC-SHA-96 (SHA)
If using SNMPv3 the privacy password offers a choice of DES or 128-bit AES encryption
Starting with UCSM 2.0(2m) SNMP defaults to v3 when enabled
Starting with UCSM 2.0(2m) non-secure SNMPv1/v2c access can be disabled while SNMP is still enabled
Subtitle: Size 18, Left Aligned
11
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM SNMP GUI Configuration
12
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM SNMP Fault Notification (Traps)
UCSM supports two Traps
– cucsFaultActiveNotif – Generated whenever a fault is active and the fault state changes
– cucsFaultClearNotif – Generated whenever a fault is cleared
Traps notifications include
– cucsFaultDescription
– cucsFaultAffectedObjectId
– cucsFaultCreationTime
– cucsFaultSeverity
– cucsFaultId
Traps are defined in the CISCO-UNIFIED-COMPUTING-NOTIFS-MIB
Subtitle: Size 18, Left Aligned
13
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Cisco UCS SNMP MIB Files
14
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Cisco UCS SNMP Traps Example
15
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM SNMP & Fault Suppression
Fault Suppression Introduced in 2.1(1)
Traps can be suppressed during a specific time periods
Suppression of transient faults for physical and logical entities
Subtitle: Size 18, Left Aligned
16
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Smart Call Home
Provides email-based notifications
Email format can be text or XML
Configuration dictates which faults or events generate alerts
Alert messages can be delivered to specific person or groups
UCSM executes appropriate CLI commands to attach to message automatically
Some messages result in automatic Service Request creation
http://www.cisco.com/en/US/docs/unified_computing/ucs/ts/faults/reference/TS_CallHomeFaults.html
Subtitle: Size 18, Left Aligned
18
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Smart Call Home Architecture
19
Internet
Customer
Secure Authenticated
Access to Hosted Portal
Device Diagnostic
Library
Remediation
Recommendation
Engine
Diagnostics &
Parsing Engine
Smart Call Home Portal TAC
Automatic
SR
Remediation
Recommendation
Intelligent Monitoring
& Collection Engine
Secure Transport
Cisco
HTTPS Encryption & Certificate-
based authentication
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Smart Call Home GUI Configuration
20
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Smart Call Home GUI Configuration
21
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM XML API
Programmatic interface
Communicates over HTTP/HTTPS
Standard Request/Response cycle
Role Based Authentication
Object Model Hierarchy
Build-in Object Browser
Published Schema
High Availability
23
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Copying the XML
The UCSM GUI allows administrators to copy the XML used to create any object
This can be helpful when developing scripts or creating applications with the XML API
24
Right-click
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Copying the XML
25
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Cisco UCSM Developer Network
Downloads
– UCS Platform Emulator
– goUCS Automation Tool
– XML API, Perl, Powershell code samples
Documentation
– Programming & Developer Guides
– White papers
– Reference Guides
Collaboration
– Blogs
– Videos
– Peer to peer forums
http://developer.cisco.com/web/unifiedcomputing/home
26
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Case Examples for UCS XML API
Manage Multiple UCS Systems
Monitor and Integrate the Event Stream
Automate Issue Remediation
Automate Deployment
Automate Backup
Firmware Image Management
27
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Ecosystem
Monitoring and Analysis
– BMC ProactiveNet Performance Mgmt
– CA Spectrum Infrastructure Manager
– EMC DCI
– HP Operations Manager / Open View
– IBM Tivoli Monitoring and Netcool
– Microsoft System Center Operation Manager
– ScienceLogic EM7
– Zenoss Enterprise
– Solarwinds Orion
– InfoVista 5View
Service Orchestration
– Cisco Intelligent Automation
– Cloupia Unified Infrastructure Controller
– BMC Cloud Lifecycle Manager
– DynamicOps Cloud Automation Center
– EMC Unified Infrastructure Manager
– HP Operations Orchestration
– IBM Service Delivery Manager
– VMware vCenter / vCloud Director
Deployment and Configuration
– BMC Blade Logic
– CA Spectrum Automation Manager
– HP Server Automation
– IBM Tivoli Provisioning Manager
– Symantec Altiris DS
28
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Authentication Services
During login the UCSM
– Queries the local or remote authentication server
– Validates the user
– Checks for Roles and Locales assigned to user
A custom user attribute can be used to extend the schema of the remote authentication provider
– LDAP : CiscoAVPair customer attribute ; ID 1.3.6.1.4.1.9.287247.1
– RADIUS : The vendor ID for the Cisco RADIUS implementation is 009, the vendor ID for the attribute is 001. Multiple roles or locales can be passed via the cisco-avpair with the following syntax – shell:roles=“operations,network” shell:locales=“Exec,Finance”
– TACACS+ : The cisco-av-pair name is the string that provides the attribute ID for the provider. The following syntax can be use to pass multiple roles and locales – cisco-av-pair=shell:roles=“operations network” shell:locales*”Engineering”
30
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM Multiple Authentication Model
31
LDAP
RADIUS
TACACS+
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Providers and Provider Groups
Providers
– Servers used by UCSM to authenticate users
– A total of 16 servers per authentication method
– Defined by IP or Hostname
32
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Providers and Provider Groups
Provider Groups
– Providers can be separated into groups
– A single Provider can be present in more than one Provider Group
– A total of 16 Provider Groups can be defined per authentication method
– The administrator can set the order the Providers are queried
– If all Providers are unavailable or unreachable, then UCSM automatically falls back to the local authentication method using the local username and password
33
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Authentication Domain and Realms
Domains
– Allows UCSM to leverage multiple authentication systems
– Up to eight (8) different domains per system
– Domains are always tied to a Realm
– Provider groups can be assigned
– If no provider group listed, then all servers within the Realm are used
Realms
– Defines the authentication protocol for a particular Domain
– Type : Local, Radius, TACACS+ or LDAP
34
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Default and Console Authentication
Default and Console Authentication accessed via Native Authentication option
Default Authentication used when user login via SSH/Telnet/GUI/XML, but no domain was specified
Console Authentication used when user login via Console port in FI
Valid Real are Local, RADIUS, TACACS+, LDAP and None
Role policy defines what roles to assign if Provider didn’t supply roles
35
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Login via Authentication Domain
For SSH, Telnet or XML the username has to include the domain in order to qualify it properly
– XML : <aaaLogin inName="ucs-server-mgmt\ciscolive" inPassword="Cisco12345" />
– Telnet : ucs-network-mgmt\ciscolive
– ssh ucs-network-mgmt\\[email protected]
For GUI a list of Domains can be selected from a pull down menu
36
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Troubleshooting Provider Connection
Test command for individual server executed from NXOS CLI
37
F340-31-17-FI-A-A(nxos)# test aaa server ldap 14.17.111.100 jason passwd
user has failed authentication
Invalid credentials
F340-33-16-FI-B(nxos)# test aaa server ldap 14.17.111.110 jomartin passwd
can not find the LDAP server
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Troubleshooting Provider Connection
Test command for server executed from NXOS CLI
38
F340-31-17-FI-A-A(nxos)# test aaa server ldap 14.17.111.100 jason password
user has been authenticated
Attributes downloaded from remote server:
User Groups:
CN=ucsadmin,OU=CiscoUCS,DC=jlill,DC=lab
Roles:
admin
F340-31-17-FI-A-A(nxos)# test aaa server ldap 14.17.111.100 jason password
user has been authenticated
Attributes downloaded from remote server:
User Groups:
CN=ucskvm,OU=CiscoUCS,DC=jlill,DC=lab
Roles:
kvm-only
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Troubleshooting Provider Connection
Test command for Provider Group executed from NXOS CLI
39
F340-31-17-FI-A-A(nxos)# test aaa group jlill-dc jason password
Problem in validating the group
F340-31-17-FI-A-A(nxos)# test aaa group jlill-dc1 jason password
user has been authenticated
Attributes downloaded from remote server:
User Groups:
CN=ucsadmin,OU=CiscoUCS,DC=jlill,DC=lab
Roles:
admin
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Troubleshooting Provider Connection
Debug output executed from the NXOS CLI
– debug <radius | tacacs+ | ldap>
– debug aaa all
Usually done with TAC assistance
Always turn all debugs OFF after troubleshooting
– undebug all
40
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Troubleshooting Provider Connection
Ethanalyzer tool usage from NXOS level
– Selecting the mgmt interface we can sniff all traffic to/from the management port
– Cannot be used to sniff the 10GE ports in the motherboard
– Can be saved as pcap file to open in Wireshark
41
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Active Directory Integration using LDAP
Release 1.4(1) introduced the ability to configure LDAP to an Active Directory environment without the need for AD schema changes
Pre-1.4(1) configurations need to be removed first
The use of editors, like ADSI Edit, makes it easier to collect information and edit the CiscoAVPair attribute
When using Active Directory as LDAP server you need to create a user account to bind to UCS. It should be given a non-expiring password.
Caveat – In 1.4 and 2.0 UCSM releases there was no way to map LDAP group to Read-Only Role. This was resolved in 2.1 release. There is a work-around available for 1.4 and 2.0 releases.
42
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Active Directory Integration using LDAP
The following information is needed to configure the LDAP communication
– Hostname or IP of server. If encryption over SSL is used, then the FQDN is needed
– Bind DN. This is the distinguishedName attribute of the account.
– Base DN. This is the distinguishedName of the domain.
– Filter. This is the sAMAccountName attribute. Format is attribute=$userid
– Attribute. This is the CiscoAVPair attribute. Can be left alone if you don’t want to modify the schema. Instead us the LDAP Group in UCSM.
– Password. This is the Bind’s user password
If using SSL the port can be kept at the default of 389. The endpoints will negotiate a TLS session on port 636.
43
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Organizations
Allows dividing the infrastructure into logical entities
Extremely helpful in multi-tenancy environments
Multiple levels of sub-organizations can be created. Up to a maximum of 5 levels under Root.
45
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Organizations
Resources, pools, service-profiles in one organization are not available to other organizations
In multi-level configurations if a resource or policy is not found, then the system moves up the hierarchy looking for the same name until found. If UCSM cannot find an applicable policy or available resource in the hierarchy, then it returns an allocation error.
46
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Locales
Locales work in conjunction with Organizations in a multi-tenancy environment to restrict access
Locales tie one or multiple Organizations to a user
More than one Local can be assigned to a single user
Users assigned an Organization has access to all Sub-Organizations in that particular hierarchy
A UCS system can contain up to 48 locales
Users with aaa, admin or operations privileges cannot be assigned a Locale
47
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Locales Configuration
Locales are created under the Admin tab in the User Management User Services menu
To create the locale you can drag/drop the Organization from the list to the pane
48
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Role-Based Access Control (RBAC)
RBAC is a method of restricting or authorizing system access for a particular user
Utilizes Roles and Locales
A Role consist of one or more Privileges that will be assigned to the user
Privileges are very granular
There are a total of 11 default Roles (as of 2.1.1d)
Administrators can create custom Roles by selecting specific Privileges
– Example : A custom Role for KVM-Only access can be created by assigning only the Service Profile Ext Access to the new Role.
Privileges cannot be modified
50
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Role-Based Access Control (RBAC)
51
Default Roles
Network Role Privileges
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Role-Based Access Control (RBAC)
52
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Role-Based Access Control (RBAC)
53
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
RBAC via LDAP Group Maps
LDAP Group Maps allows administrator to associate Active Directory group role with UCS role
If the organization already uses LDAP groups to define authorization policies, then UCSM is expected to use Group membership information to assign the authorization policy (Roles and Locales)
This eliminates the need to define this information for individual users in LDAP
This also helps in scenarios where customers do not like to modify the Active Directory while deploying the UCS
54
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
RBAC via LDAP Group Maps
A maximum of 28 LDAP Group Maps
Support for nested LDAP groups expected in 2.1 Maintenance Release
55
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
LDAP Integration Workflow
56
UCS Admin define Roles and Locales
UCS Admin maps Roles and Locales into LDAP groups
User logs into UCSM
UCSM authenticates user with LDAP
UCSM reads user’s group membership
UCSM applies Roles and Locales based on LDAP Group Map
LDAP Admin defines users
LDAP Admin put user into group
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Central Overview
External VM based application
Requires UCSM 2.1(1) or above
VM available for VMware and Hyper-v hypervisors
Allow multiple UCS systems to be managed from a single management tool
Simplifies large scale UCS deployments
Extension of management paradigm
Similar hierarchical presentation to UCSM
– Domains, Domain Groups, Sub-Domains
License done per Domain (pair of Fabric Interconnects)
58
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS Central Overview
First five (5) Domains do not require a license
Phase 1 features
– Inventory, Fault and Event log aggregation
– Global ID pools, Firmware Upgrades, Backup and Global Admin Policies
Phase 2 features
– Global service-profiles, templates and policies
– Statistic aggregation
59
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Centralized Inventory
60
Domains grouped in tree under the
Domain Groups Cross launch for UCSM or KVM Console
Faults on selected resources
Equipment status and details
Global inventory of all components of UCS organized by Domain
Refreshes on customizable schedule
Tree view of devices similar to UCSM
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Centralized Fault Summary …and Audit logs too!
61
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Automated
Scheduled
Downloads from
Cisco.com
Cisco.com
UCS Central Firmware Library Global Firmware Policies
Firmware Auto Install
Centralized Firmware Upgrade
62
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCS vCenter Plugin
Single point to manage physical and virtual infrastructure
Phase 1 :
– View UCS health & configuration
– Track virtual and physical relationships
– Faults / Events
– Click-to-open UCSM GUI and KVM
Phase 2 :
– Configure UCS
– UCS resource pools
– Associate Service Profiles
– Boot nodes w/Auto Deploy
64
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM Statistic Collection Policy
Policy defines
– How frequently stats are to be collected (collection interval)
– How frequently stats are to be reported (reporting interval)
Report Interval Time > Collection Interval Time
Stats can be collected and reported for the following areas :
– Adapter
– Chassis
– Fex
– Host
– Port
– Server
66
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM Statistic Collection Policy
Only one (1) default policy per area present which cannot be deleted
New stats collection policies cannot be created
Only modification of the default policy is allowed
67
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
GUI Statistics Collection Display
Since there are several collections per report the UCSM provides a min/max/avg display for each stat
68
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM Statistic Threshold Policy
Monitors stats about certain aspects of the system
Generates an event if a threshold is crossed
Minimum and Maximum thresholds can be configured
Threshold policy does not control any hardware, just raises alarms
Available for the following components
– Uplink Ethernet Ports
– Uplink Fibre Channel Ports
– Ethernet server ports
– Server and server components
– Chassis
– Fabric Interconnects
69
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM Statistic Threshold Policy
It can be configured via Policy under Server, LAN, SAN or Admin tab
Define Name Define Threshold Classes Define Threshold Definition
70
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
UCSM Statistic Threshold Policy
Once defined it can be added to any service-profile thru the Policies Tab
71
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Backup Operation
Allows the backup of the Domain configuration
There are four (4) types of backup options
– Full state
– All configuration
– System configuration
– Logical configuration
Multiple transport protocol options
– FTP
– TFTP
– SCP
– SFTP
73
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Backup Options
Full State
– Binary file that contains full configuration of system
– Ideal for DR situations
– Cannot be used for an import
All Configuration
– XML file that contains all system and logical configuration of system
– Cannot be used to restore system
– Ideal to import the stored configuration settings back to the same or new UCSM
– Does not include password for Locally Authenticated Users
74
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Backup Options
System Configuration
– XML file that includes all system configurations (username, roles, locales, etc)
– Cannot be used to restore system
– Ideal to import the stored configuration settings back to the same or new UCSM
Logical Configuration
– XML file that includes all logical configurations (Service-profile, VLAN, VSAN, etc)
– Cannot be used to restore system
– Ideal to import the stored configuration settings back to the same or new UCSM
The All Configuration and Logical Configuration options allow the chance to Preserve Identities
– The backup file preserves all identities derived from pools, including the MAC addresses, WWPN, WWNN, and UUIDs
75
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Backup Automation
Backup Export Policy introduced in 2.1(1) release
76
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Takeaways
SNMP has support for large number of MIBs ideal for monitoring system
Smart Call Home expedites the time of resolution by automatic SR creation
Very powerful XML API programmatic interface to assist in many tasks
Multiple authentication methods available
Use of Roles and Locales allow for task to be divided into smaller groups
UCS Central provides single window to multiple UCS Domains
Stats Collection and Threshold Policies can provide insight on traffic patterns
Backup – If you haven’t backup your system, then that is your HOMEWORK!
78
© 2013 Cisco and/or its affiliates. All rights reserved. BRKCOM-2006 Cisco Public
Maximize your Cisco Live experience with your
free Cisco Live 365 account. Download session
PDFs, view sessions on-demand and participate in
live activities throughout the year. Click the Enter
Cisco Live 365 button in your Cisco Live portal to
log in.
Complete Your Online Session Evaluation
Give us your feedback and you could win fabulous prizes. Winners announced daily.
Receive 20 Cisco Daily Challenge points for each session evaluation you complete.
Complete your session evaluation online now through either the mobile app or internet kiosk stations.
79