...
For the threat analytics service to function properly and for NIOS to properly report detected backlisted domains, you must create and designate a local RPZ RPZs as the mitigation blacklist feed for the entire Grid. Grid. You can add any Response Policy Zones to the list of RPZs from different Network and DNS Views. When a domain is detected as malicious, NIOS will update all RPZs in the list. If you assign an existing RPZ that is used for other purposes as the mitigation blacklist feed, you may experience the following:
...
3. In the Grid Threat Analytics Properties editor, click the DNS Threat Analytics tab, and complete the following:
- Mitigation RPZ: Click Select if you have more than one local RPZ. In the selector, select the RPZ you created specifically for collecting blacklisted domains. If you have only one RPZ in your system, Grid Manager displays it in this field. Click Clear to remove the RPZ as the designated mitigation blacklist feedClick the Add icon to open the Zone Selector dialog box and select the RPZs. You must configure at least one local RPZ. To remove an RPZ, select it from the table and click Delete.
4. Save the configuration.
...