Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mike-H
Explorer

Detecting Check Point Disk Encryption with NAC

Hello, 

We're in the process of deploying a NAC solution, and would it to flag machines with/without check point disk encryption, installed via Check Point Endpoint. 

Are there any "markers" we could check for to confirm the disk is encrypted? (Reg keys, services, log files in folders etc) 

Thanks

Mike

0 Kudos
7 Replies
PhoneBoy
Admin
Admin

There are two ways to encrypt the disk: with Bitlocker or with our own implementation. 
Our own implementation will have a unique boot partition (our pre-boot environment).

0 Kudos
Mike-H
Explorer

Thanks, 

We're migrating away from Bitlocker, and over to the CP Implementation. I'll see if we can do something to check for the partition. 


0 Kudos
yuris
Employee
Employee

Hello Mike,
Encryption status easy to see in Endpoint UI on client and on management server as well.
Can you please clarify your request?
What exactly you mean when you say "markers"? Are you want to check for encryption status programmatically or from script?
Thanks,
Yuri 

Mike-H
Explorer

Hi Yuris, 

You're correctly, we're aiming to check encryption status pragmatically via a script. This is to surface any devices which are not yet encrypted and flag them as at risk.

Thanks

Mike 

0 Kudos
yuris
Employee
Employee

Hi Mike,

One of the possible options is to run client side utility called fdecontrol.exe and get-status command line parameter and check output for encryptionState value which will contain 3 when the disk is encrypted.

Thanks,
Yuri

(1)
Mike-H
Explorer

Thank you Yuris, 

We will give that a go and feedback.

0 Kudos
Valerio5286
Participant

Hi Yuris.

Is there documentation where I can consult the meaning of each of the get-status responses?

Thanks.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events