The purpose of this white paper is to share architecture, design, and deployment considerations and to discuss the knowledge gained during the Microsoft implementation of SQL Server 2005 to power a global forensic security tool. Additionally, this paper demonstrates the value of current Microsoft products for capturing, filtering, organizing, storing, and analyzing network event data from a widely dispersed, complex corporate environment. This paper introduces the technologies employed, discusses the business case for the project, and describes the development and deployment effort to implement the solution.
Many of the principles and concepts described in this paper can be employed to develop systems that capture and warehouse very large volumes of data within any organization. Similarly, the design considerations for data capture and storage infrastructures can be applied to most enterprise-scale IT environments through Microsoft products. However, this paper is based on Microsoft Information Technology's (IT) experience and recommendations as an innovator. It is not intended to serve as a procedural guide. Each enterprise environment has unique circumstances; therefore, each organization should adapt the plans and lessons described in this paper to meet its specific needs.
For more information, please refer to the white paper and/or webcast.
Interesting: sqlcat.com
Good info, but I would love some specifics like sample SSIS packages, scripts and table schemas.
I'm about to do something similar and it would be very helpful.
At this time, we cannot provide the actual packages, scripts, and/or schemas. But in the future, our spotlights will contain not just end-to-end architecture, but the code-base as well. Good luck!