Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Fail Close

Training Camp • Cybersecurity Glossary

What is Fail Close?

A design principle where a system denies access by default when it fails, prioritizing security over availability (fail-secure, fail-safe).

Glossary > Network Security > Fail Close

Fail Close — A design principle where a system denies access by default when it fails

Understanding Fail Close

Fail close (or fail-secure) is a security design principle in which a system defaults to denying access when a component, control, or power source fails. Rather than allowing traffic or entry during an error condition, a fail-close system locks down, prioritizing security and confidentiality over availability so that a failure cannot be exploited to gain unauthorized access.

The principle is implemented by defining the default state that takes effect when normal operation is interrupted. A fail-close firewall drops all packets if its rule engine crashes or its policy cannot be evaluated. A fail-close electronic door lock stays locked when power is lost. A fail-close authentication gateway refuses logins if it cannot reach the identity provider. The opposite design, fail open (fail-safe), allows access on failure and is chosen where availability or human safety, such as evacuation routes, outweighs the risk of unauthorized access. Choosing between them is a deliberate risk decision tied to the asset being protected.

Fail close matters because failures are exactly when attackers strike, and a poorly chosen default can turn an outage into a breach. A firewall or proxy that fails open during a crash or a deliberate denial-of-service could pass malicious traffic straight through, bypassing all inspection. Designing critical security controls to fail close ensures that even total component failure leaves the system in a protected state, supporting the principle of secure defaults. The tradeoff is availability: a fail-close control can cause an outage, so it must be paired with redundancy and monitoring.

For example, a web application firewall protecting a banking portal is configured fail close. When the WAF process becomes unresponsive, the load balancer stops passing traffic to the backend rather than letting unfiltered requests through. Customers temporarily cannot reach the site, an availability cost, but no request reaches the application without inspection, preventing an attacker from exploiting the outage to bypass security controls.

Learn More About Fail Close:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →