Security update for connectors

EAA allows in-place patches for your connectors when there are security vulnerabilities.

An EAA administrator can apply in-place patches to their connectors in between EAA releases when there are security vulnerabilities that require kernel updates.

The EAA administrator is alerted when connectors’ operating system (Connector OS) has vulnerabilities. They can apply security patches with minimal downtime, thereby improving productivity for users. The administrator can pick off-peak hours that work best for the organization. If there are any failures encountered during the upgrade, the administrator can Akamai contact support. During the upgrade, the connector cannot serve traffic. To minimize interruption, EAA will automatically choose alternative connectors available for each application if it has been configured.

If you have a second connector that is associated with the applications and directories, that can be used as a backup while the security upgrade is completed for the connector with security vulnerability.

An EAA connector can be in these states:

Connector states
Connector state Description
, Connector image can be downloaded and installed in your virtual environment.
Connector has finished setup on the virtual machine in the datacenter or public cloud and has reached out to EAA Cloud for approval. Admin should click approve to start the connector.
EAA Cloud (cloud proxy) cannot reach the connector due to network issues or the virtual machine is down.
The connector is running fine. No security vulnerabilities are present.
The connector has a security vulnerability.
The connector is running fine. A previous update was successfully installed. It does not have any vulnerabilities.
The connector is running but, it has vulnerabilities. A previous update has failed. Re-run the security update to fix the vulnerability. If it still persists, contact Akamai support.

Based on these states the admin can know if the health of the connector is okay, or it has a security vulnerability and must be updated.