The domains it is listing are not the false positives. However if you have your dns forwarding to a remote dns instead of the utm this is the result. You need to have your workstations access the utm as their priary dns. However for those with AD or some other internal dns you also need to setup request routing so that AD(or LDAP) queries get routed to the appropriate internal dns server. otherwise the utm has no way to discriminate which workstation/client/device is making the request triggering the ATP alerts.
The domains it is listing are not the false positives. However if you have your dns forwarding to a remote dns instead of the utm this is the result. You need to have your workstations access the utm as their priary dns. However for those with AD or some other internal dns you also need to setup request routing so that AD(or LDAP) queries get routed to the appropriate internal dns server. otherwise the utm has no way to discriminate which workstation/client/device is making the request triggering the ATP alerts.
