Views:
Due to the CentOS EOL (end of life) on June 30, 2024, TrendAI Vision One™ Zero Trust Secure Access has adopted Rocky Linux as the preferred OS for the Private Access Connector 3.0 upgrade. As a result, you cannot upgrade from 2.x to 3.0 connectors in-place. Instead, you need to follow a rolling update pattern for the installation:
  1. Deploy new 3.0 connectors into your existing connector groups
  2. Verify the new connectors are healthy and serving traffic
  3. Decommission the old 2.x connectors
When the new connector is added to an existing group, it automatically inherits the group's configuration — including access rules, application assignments, and network settings. No manual reconfiguration is required.
Tip
Tip
To minimize risk, migrate one connector group at a time. Confirm each group is fully operational on 3.0 before proceeding to the next.

Prerequisites Parent topic

  • Verify that your target hardware or VM environment meets the 3.0 system requirements
  • Ensure you have capacity to run both old and new connectors simultaneously during the upgrade window

Upgrade the connector Parent topic

Procedure

  1. Deploy the new 3.0 connectors:
    1. In the TrendAI Vision One™ console, go to Zero Trust Secure AccessSecure Access ConfigurationPrivate Access Configuration.
    2. Locate your existing connector group and click the Add connector (+) icon.
    3. Follow the deployment steps for your platform, using the registration token provided.
    The new 3.0 connector is added to the group and inherits all existing configurations automatically.
  2. After deployment, confirm the new connectors are operating correctly:
    1. In the TrendAI Vision One™ console, verify each new connector shows a Connected status under its connector group.
    2. Confirm the connector version shows 3.0.x.
    3. Test connectivity to internal applications through the new connectors.
    At this point, both 2.x and 3.0 connectors are active in the group and serving traffic.
  3. Once you have verified the 3.0 connectors are healthy, decommission the 2.x connectors:
    1. Shut down the 2.x connector VMs. Do not delete the VMs until migration is complete.
    2. Repeat for each 2.x connector in the group. The Secure Access Module agents will shift to the remaining 3.0 connectors as each 2.x connector is removed.

Roll back the upgrade Parent topic

If you encounter issues with the 3.0 connectors during migration, you can revert to the previous version while you investigate.

Procedure

  1. Shut down the 3.0 connector VMs in the affected group.
  2. Restart the original 2.x connector VMs.
  3. In the console, verify that the 2.x connectors show a Connected status and are serving traffic.
  4. Do not delete the 3.0 connector VMs until you have confirmed that the 2.x connectors are fully operational.