Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Nelson_Custodio
Explorer

Finding endpoints that have not received the 1/1/2021 VPN Patch

Unfortunately, my organization had to manually install the 80.81 - 81.10 patch to all our endpoints.  Now that we are in the new year is there a command I can run to see what clients are still unpatched? Or clients that have attempted to connect but are unable to because they are not patched?

0 Kudos
5 Replies
Lior_Arzi
Employee
Employee

Hi

 

from sk171213:

How to determine if the patch is installed?

There are several recommended options:
  • Look at the patch logs for success/failure messages when using the EPPatch.msi – For more information, follow sk171275.
  • Look for the file version of the epklib.sys itself (C:\windows\system32\drivers\) and validate that the version is the same as or higher than 8.60.5.7253
  • To use Check Point's Compliance blade to examine the outdated driver that needs replacement (by checking the version) – follow sk171279.
Nelson_Custodio
Explorer

Thanks but I was hoping for something I can pull remotely through the logs.  I also don't own the compliance blade

0 Kudos
Lior_Arzi
Employee
Employee

If you have our Endpoint Security you automatically have the license for our compliance.

you can use it to query it remotely as described in sk171279.

0 Kudos
rrbranco
Participant

0 Kudos
ED
Advisor

@Nelson_Custodio 

Open your logs and paste in this query:

action:"Log In" AND ("Endpoint Security") AND (E80.81 or E80.82 or E80.83 or E80.84 or E80.85 or E80.86 or E80.87 or E80.88 or E80.89 or E80.90 or E80.92 or E80.94 or E80.95 or E80.96 or E80.97 or E81.00 or E81.10)

Then you will find all the clients with the old versions still trying to connect. Take a look at 7 days to catch the most recently. 

0 Kudos