MySQL Enterprise Firewall is based on a plugin library that includes these elements:
A server-side plugin named
MYSQL_FIREWALLexamines SQL statements before they execute and, based on its in-memory data cache, renders a decision whether to execute or reject each statement.
Server-side plugins named
INFORMATION_SCHEMAtables that provide views into the in-memory firewall cache.
Tables in the
mysqlsystem database provide persistent backing storage of firewall data.
Stored procedures perform tasks such as registering firewall subjects (entities to which the firewall applies), establishing their operational mode, and managing transfer of firewall data between the in-memory cache and persistent storage.
User-defined functions provide an SQL-level API for lower-level tasks such as synchronizing the cache with persistent storage.
System variables enable firewall configuration and status variables provide runtime operational information.