Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Configuring Predictive Machine Learning Settings in OfficeScan XG Service Pack 1 (SP1)

    • Updated:
    • 12 Apr 2019
    • Product/Version:
    • OfficeScan XG.All
    • Platform:
    • N/A N/A
Summary

Trend Micro Predictive Machine Learning uses advanced machine learning technology to correlate threat information and perform in-depth file analysis to detect emerging unknown security risks through digital DNA fingerprinting, API mapping, and other file features. Predictive Machine Learning also performs a behavioral analysis on unknown or low-prevalence processes to determine if an emerging or unknown threat is attempting to infect your network.

Predictive Machine Learning is a powerful tool that helps protect your environment from unidentified threats and zero-day attacks.

Details
Public
 

Predictive Machine Learning requires that you enable the following services:

  • Unauthorized Change Prevention
  • Advanced Protection Service

For more information, see Enabling or Disabling the Agent Services from the Web Console.

To configure Predictive Machine Learning Settings:

  1. Go to Agents > Agent Management.
  2. In the agent tree, click the root domain icon to include all agents or select specific domains or agents.
  3. Click Settings > Predictive Machine Learning Settings.

    The Predictive Machine Learning Settings screen will appear.

  4. Select "Enable Predictive Machine Learning".
  5. Under Detection Settings, select the type of detections and related action that Predictive Machine Learning takes.
    Detection TypeActions
    File
    • Quarantine: Select to automatically quarantine files that exhibit malware-related features based on the Predictive Machine Learning analysis
    • Log only: Select to scan unknown files and log the Predictive Machine Learning analysis for further in-house investigation of the threat
    Process
    • Terminate: Select to automatically terminate processes or scripts that exhibit malware-related behaviors based on the Predictive Machine Learning analysis
       
      Predictive Machine Learning attempts to clean the files that executed the malicious processes or scripts. If the clean action is unsuccessful, Predictive Machine Learning quarantines the affected files.
    • Log only: Select to scan unknown processes or scripts and log the Predictive Machine Learning analysis for further in-house investigation of the threat
  6. Under Exceptions, configure the global Predictive Machine Learning file exceptions to prevent all agents from detecting a file as malicious:
    1. Click Add File Hash.

      The Add File to Exception List screen will appear.

    2. Specify the file SHA-1 hash value to exclude from scanning.
    3. Optionally provide a note regarding the reason for the exception or to describe the file name(s) associated with the hash value.
    4. Click Add.

    Predictive Machine Learning will add the file hash to the Exceptions list.

  7. If you selected domain(s) or agent(s) in the agent tree, click Save.

    If you clicked the root domain icon, choose from the following options:

    • Apply to All Agents: Applies settings to all existing agents and to any new agent added to an existing/future domain. Future domains are domains not yet created at the time you configured the settings.
    • Apply to Future Domains Only: Applies settings only to agents added to future domains. This option will not apply settings to new agents added to an existing domain.
Premium
Internal
Rating:
Category:
Configure
Solution Id:
1122476
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.