The information below originates here. It is presented below to enable community contribution.

Forefront Client Security stores data about the malware found in your organization. The size requirements of your databases depend on a number of factors. Each managed computer sends data to the collection server. This data is stored in the collection database first and then is moved to the reporting database for long- term storage. These databases' growth rate depends on the following factors:

  • Number of managed computers
  • Frequency of malware occurrence
  • Number of security state assessment (SSA) vulnerabilities discovered
  • Number and types of scans performed

Data retention

The amount of time you need to retain data for reporting purposes will also affect your database sizes. By default, the reporting database retains data for 395 days (one year and one month). You can modify the retention period by using a SQL Server stored procedure added by Microsoft Operations Manager (MOM) 2005.


Autogrow should not be used in place of proper database planning; however, enabling autogrow is supported on the following databases and logs:
  • OnePoint Log
  • System Center Reporting Database
  • System Center Reporting Log

Autogrow is not suported for the OnePoint database. 

You can also reduce the need for database space at a cost to your ability to report and track long term data.

When reducing the size of the reporting database, it is important to do so incrementally, in small steps; data is removed from the database at the next grooming job cycle, and removal of a large amount of data may cause the grooming job to time out.

You can also increase the retention period to lengthen your reporting capabilities. Increasing the retention period in the reporting database will lengthen the amount of time it takes to complete the transfer of data from the collection database to the reporting database (the DTS transaction). If it is necessary to retain Client Security data longer than 395 days, after increasing the data retention period, monitor the duration of the DTS transaction.


Increasing the data retention period can adversely affect the performance of the SQL Server computer hosting the reporting database. You should not increase the data retention period unless that server has sufficient resources. For information about the system requirements for Client Security, see System requirements for Client Security.

For information about the DTS transaction performance and database sizing, see Database sizing in the Client Security Performance and Scalability Guide (

For information about changing the data retention period for the reporting database, see Knowledge Base article 887016 (