https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107043#M3823 <P>Hi</P> <P>&nbsp;</P> <P>from sk171213:</P> <P><A class="checkpoint_toggle" target="_blank">How to determine if the patch is installed?</A></P> <DIV id="Q1033"> <BLOCKQUOTE>There are several recommended options:<BR /> <UL> <LI>Look at the patch logs for success/failure messages when using the EPPatch.msi – For more information, follow<SPAN>&nbsp;</SPAN><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk171275" target="_blank" rel="noopener">sk171275</A>.</LI> <LI>Look for the file version of the epklib.sys itself (C:\windows\system32\drivers\) and validate that the version is the same as or higher than 8.60.5.7253</LI> <LI>To use Check Point's Compliance blade to examine the outdated driver that needs replacement (by checking the version) – follow<SPAN>&nbsp;</SPAN><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk171279" target="_blank" rel="noopener">sk171279</A>.</LI> </UL> </BLOCKQUOTE> </DIV> Tue, 05 Jan 2021 15:23:09 GMT Lior_Arzi 2021-01-05T15:23:09Z https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107041#M3822 <P>Unfortunately, my organization had to manually install the 80.81 - 81.10 patch to all our endpoints.&nbsp; Now that we are in the new year is there a command I can run to see what clients are still unpatched? Or clients that have attempted to connect but are unable to because they are not patched?</P> Tue, 05 Jan 2021 15:13:06 GMT https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107041#M3822 Nelson_Custodio 2021-01-05T15:13:06Z https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107043#M3823 <P>Hi</P> <P>&nbsp;</P> <P>from sk171213:</P> <P><A class="checkpoint_toggle" target="_blank">How to determine if the patch is installed?</A></P> <DIV id="Q1033"> <BLOCKQUOTE>There are several recommended options:<BR /> <UL> <LI>Look at the patch logs for success/failure messages when using the EPPatch.msi – For more information, follow<SPAN>&nbsp;</SPAN><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk171275" target="_blank" rel="noopener">sk171275</A>.</LI> <LI>Look for the file version of the epklib.sys itself (C:\windows\system32\drivers\) and validate that the version is the same as or higher than 8.60.5.7253</LI> <LI>To use Check Point's Compliance blade to examine the outdated driver that needs replacement (by checking the version) – follow<SPAN>&nbsp;</SPAN><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk171279" target="_blank" rel="noopener">sk171279</A>.</LI> </UL> </BLOCKQUOTE> </DIV> Tue, 05 Jan 2021 15:23:09 GMT https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107043#M3823 Lior_Arzi 2021-01-05T15:23:09Z https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107045#M3825 <P>Thanks but I was hoping for something I can pull remotely through the logs.&nbsp; I also don't own the compliance blade</P> Tue, 05 Jan 2021 15:31:55 GMT https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107045#M3825 Nelson_Custodio 2021-01-05T15:31:55Z https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107049#M3826 <P>If you have our Endpoint Security you automatically have the license for our compliance.</P> <P>you can use it to query it remotely as described in&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk171279" target="_blank" rel="noopener noopener noreferrer">sk171279</A><SPAN>.</SPAN></P> Tue, 05 Jan 2021 15:49:42 GMT https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107049#M3826 Lior_Arzi 2021-01-05T15:49:42Z https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107092#M3831 <P>Perhaps you could also take a look to this oneliner ...</P><P><BR /><A href="https://community.checkpoint.com/t5/Scripts/Endpoint-Versions-ONELINER/m-p/106988#M737" target="_blank">https://community.checkpoint.com/t5/Scripts/Endpoint-Versions-ONELINER/m-p/106988#M737</A></P> Tue, 05 Jan 2021 21:53:48 GMT https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107092#M3831 rrbranco 2021-01-05T21:53:48Z https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107113#M3833 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/823">@Nelson_Custodio</a>&nbsp;</P><P>Open your logs and paste in this query:</P><P><SPAN>action:"Log In" AND ("Endpoint Security") AND (E80.81 or E80.82 or E80.83 or E80.84 or E80.85 or E80.86 or E80.87 or E80.88 or E80.89 or E80.90 or E80.92 or E80.94 or E80.95 or E80.96 or E80.97 or E81.00 or E81.10)</SPAN></P><P>Then you will find all the clients with the old versions still trying to connect. Take a look at 7 days to catch the most recently.&nbsp;</P> Wed, 06 Jan 2021 08:31:07 GMT https://community.checkpoint.com/t5/Endpoint/Finding-endpoints-that-have-not-received-the-1-1-2021-VPN-Patch/m-p/107113#M3833 ED 2021-01-06T08:31:07Z