Note : Download Whitepaper by Microsoft
Find out how SQL Server 2005 powers a 27 TB data management system called ICE 3.0 that gathers forensic data from more than 85 Microsoft corporate proxy servers into a single database.
The Information Security team at Microsoft uses an internal tool called Information Security Consolidated Event Management (ICE 3.0) to gather forensic data from more than 85 proxy servers around the world. Powered by SQL Server 2005, the 27 TB data management system collects different types of global evidence, such as inbound and outbound e-mail traffic, Login events, and Web browsing, into a single database. ICE 3.0 provides rapid security analysis and queries, robust proxy performance analysis, and extensive troubleshooting functionality.
This paper assumes that readers are technical decision makers who are already familiar with Microsoft SQL Server 2005, including SQL Server Integration Services (SSIS). This paper also assumes a basic understanding of storage technologies such as Very Large Database Systems (VLDBs) and Storage Area Networks (SANs). This paper also discusses the concept of global forensic security systems.
Abstract courtesy : Microsoft
Reference : Pinal Dave (https://blog.sqlauthority.com)