Views:
June 24, 2026—Zero Trust Secure Access Private Access Connector version 3.5.0.2000 delivers new features, enhancements, and resolved issues.
New features
  • Replaced the Docker-based fluent-bit container with an OS-native fluent-bit package for log streaming, improving compatibility and reducing dependencies. Upgrading requires a new base OS image with fluent-bit pre-installed.
  • command to list all available region codes.
  • The connector now automatically generates a new identity when a VM clone is detected, preventing cloned VMs from sharing the same connector identity. Cloned VMs must re-register on first boot.
Enhancements
  • Improved CLI output formatting: show apps, show interface, show proxy now display formatted tables instead of raw JSON; show proxy prints an explicit message when not configured.
  • Refactored session count and connection-close logging to reduce excessive log volume.
  • Restricted DNS caching to Private Access applications only.
  • Adjusted memory check threshold and interval.
  • Reduced keep_alive interval to increase ping frequency under unstable network conditions, minimizing misjudgment of Connector health status.
  • Updated OVF to fix power-on failure on ESXi 8.x. Minimum ESXi version is now 7.0 U1; drops ESXi 6.5/6.7 support.
  • Updated HyperV template to version 9 for wider compatibility (Windows Server 2019+); disabled secure boot.
  • Set /etc/os-release PRETTY_NAME to "TrendAI Vision One Private Access Connector".
  • Updated 83 Rocky 9 base packages via dnf update --exclude=kernel*; added dnf clean all and fstrim to reduce image size.
  • Bumped base OS build from 9 to 11.
  • Switched to new base OS image with fluent-bit package pre-installed.
  • Updated ZTNA Network Proxy to latest version.
Resolved issues
  • Fixed a firmware upgrade crash caused by a missing is_failsafe_mode import, which prevented all firmware upgrade and download operations from completing.
  • Fixed firmware upgrade race condition.
  • Fixed connectiontest auto failing with "could not determine region" after in-place upgrade.
  • Fixed race condition impacting heartbeat delivery and Connector metrics reporting.
  • Fixed GCP registration failures caused by log file permission race condition at boot.
  • Fixed guac container version mismatch.
  • Fixed pam_cnt syslog identity overriding sshd.
  • Fixed NTP force-update calling chronyc while the chronyd daemon is stopped.
  • Fixed incorrect rollback target version in CLI.