SC-7(6) — Response to Recognized Failures

When a firewall or boundary protection device fails, it must fail in a secure state — either blocking all traffic (fail-closed) or alerting immediately so administrators can respond.

Example 1: Configure your perimeter firewall for fail-closed operation. If the firewall software crashes or the device loses power, no traffic passes through. Deploy a high-availability pair so the standby unit takes over within seconds.

Example 2: Set up SNMP traps and syslog alerts from your firewall to your SIEM so that any device failure — hardware fault, process crash, HA failover — triggers an immediate notification to your security team with a documented response procedure.