My organisation would like to start switching clients over to TLS 1.2. There does not appear to be a way inside SQL Server to determine which version of TLS the clients/server was negotiated. Though it may be possible to crack open the network packets from each application this would be an arduous task. Being able to easily determine the TLS version would enable administrators to easily identify clients/applications using the older protocol and update them accordingly. Security could then be improved by disabling older versions of the protocol.