Microsoft ICE (It is too cold and coooooool)

Would you like to learn how does Microsoft maintain its security audit records effectively? As you may imagine, the size of such data could be extremely large. The one used at Microsoft is 27 Terabytes and counting.

The Microsoft Information Security team uses an internal tool called Information Security Consolidated Event Management (ICE) version 3.0 to gather forensic data from more than 85 proxy servers around the world. Powered by Microsoft SQL Server 2005, this 27-terabyte data management system collects different types of global evidence, such as inbound and outbound e-mail traffic, log-on events, and Web browsing, into a single database.

If you’re interested in this topic, please register for the upcoming webcast. Details below:

·         Title: How Microsoft IT Uses SQL Server 2005 to Power a Global Forensic Data Security Tool (Level 300)

·         Date: Tuesday, June 19, 2007

·         More details:


Best Regards, Bilal Okour

This entry was posted in Computers and Internet. Bookmark the permalink.

One Response to Microsoft ICE (It is too cold and coooooool)

  1. Robert says:

    it would be nice to know the hardware/storage configuration supporting this size database and what type of partitioning they have employed.  Any idea if they will get into that type of detail?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s