NotePredictive Machine Learning is supported with version 11.0+ agents. For details
on which platforms support this feature, see Supported features by platform.
|
Use Predictive Machine Learning to detect unknown or low-prevalence malware. (For
more information, see Predictive
Machine Learning.)
Predictive Machine Learning uses the Advanced Threat Scan Engine (ATSE) to extract
file features and sends the report to the Predictive Machine Learning engine on the
Trend Micro Smart Protection Network.
As with all detected malware, Predictive Machine Learning logs an event when it
detects malware. (See Events collection in Server & Workload Protection.) You
can also create an exception for any false positives. (See Create
anti-malware exceptions.)
Enable Predictive Machine Learning
Predictive Machine Learning is configured as part of a real-time scan
configuration that is applied to a policy or individual computer. (See Configure malware scans.) After you configure the scan
configuration, apply it to a policy or computer.
NotePredictive Machine Learning protects only the files and directories that
real-time scan is configured to scan. See Specify the files to scan.
|
These settings can only be applied to real-time scan configurations.
NoteFor macOS agents, only the Quarantine action is supported.
|
Procedure
- Go to .
- Select the real-time scan configuration to configure and click
Details.You can also create a new real-time scan configuration if desired.
- On the General tab, under Predictive Machine
Learning, select Enable Predictive Machine Learning.
In the Action to take list, choose the remediation action that
you want Server & Workload Protection to take when it
detects malware:
- Quarantine (recommended): Moves the infected file to the quarantine directory on the protected computer. The quarantined file can be viewed and restored in .
- Pass: Allows full access to the infected file without doing anything to the file. (An Anti-Malware Event is still recorded.)
- Delete: On Linux, the infected file is deleted without a backup. On Windows, the infected file is backed up and then deleted. Windows backup files can be viewed and restored in .
- Click OK.
- Open the policy or computer editor to which you want to apply the scan
configuration and go to .
- Ensure that Anti-Malware State is On or
Inherited (On).
- In the Real-Time Scan section, select the malware scan
configuration.
- Click Save.