NotePredictive Machine Learning requires that you
enable the following services:
|
Procedure
- Select Enable Predictive Machine Learning.
- Configure the Monitoring Level settings for Detection and Prevention.
Important
-
Higher monitoring levels provide greater sensitivity but might generate a large number of nonessential logs and impact endpoint performance. Trend Micro recommends selecting 2 - Moderate for more relevant data with minimal impact on your endpoints.
-
The Prevention level must be the same or lower than Detection.
-
- Under Detection Settings,
select the type of detections and related action that Predictive Machine
Learning takes.Detection TypeActionsFile
-
Quarantine: Select to automatically quarantine files that exhibit malware-related features based on the Predictive Machine Learning analysis
-
Log only: Select to scan unknown files and log the Predictive Machine Learning analysis for further in-house investigation of the threat
Process-
Terminate: Select to automatically terminate processes or scripts that exhibit malware-related behaviors based on the Predictive Machine Learning analysis
Important
Predictive Machine Learning attempts to clean the files that executed the malicious processes or scripts. If the clean action is unsuccessful, Predictive Machine Learning quarantines the affected files. -
Log only: Select to scan unknown processes or scripts and log the Predictive Machine Learning analysis for further in-house investigation of the threat
-
- Under Exceptions,
configure the global Predictive Machine Learning file exceptions to prevent all
agents from detecting a file as malicious.
- When configuring a parent policy, specify how other
users can configure child policies.
-
Inherit from parent: Child policies must use the settings configured in the parent policy
-
Extend from parent: Child policies can append additional settings to the settings inherited from the parent policy
Note
If your child policies Extend from parent, you can configure Child Policy Restrictions to prevent child policies from adding specified rules to the Rule Exceptions list.
-
- Click Add File Hash.The Add File to Exception List screen appears.
Note
Use the Import and Export buttons to share the list with different policies. - Specify the file SHA-1 hash value to exclude from scanning.
- Optionally provide a note regarding the reason for the exception or to describe the file name(s) associated with the hash value.
- Click Add.Predictive Machine Learning adds the file hash to the Exceptions list.
- When configuring a parent policy, specify how other
users can configure child policies.