In the May 24, 2011 comic, Dilbert discusses a firewall failure with boss man:
A teaching moment
Firewalls have two possible failure modes: closed, where no traffic passes through the firewall until the system is restored to a normal operating state, and open, where traffic does pass through while the system is in an error state.
Apparently, Dilbert's is a "fail open" firewall. The consequence of failing open is quite obvious: lots of stuff that would otherwise be blocked enters the network. This is the same effect as a breach of an outer wall of a fortress, (Historically, the assault would be led by a Forlorn Hope rather than mole people from another dimension but the mole people image probably imprints better in the 21st century. Well, technically, what Dilbert calls mole people would properly be called sappers, and they'd have been the cause of the breach. )
Fail open is bad. Of course, fail closed has the same effect as if you lose your connection to the Internet or are the victim of a denial of service attack so it's bad, too.
Another teaching moment
When you rely on one firewall to protect your network, you have a single point of failure in your security perimeter and you face the dilemma of having to choose between fail open or fail closed. If neither of these is a satisfactory solution for your organization (especially true if web presence is a business imperative), consider a high availability firewall deployment. Run two firewalls in tandem. The firewalls must be able to remain in constant touch with each other with a "heartbeat" protocol. If one firewall fails, the other firewall detects this and begins to process traffic according to your policy little or no interruption.
A number of commercial firewalls support high availability as well as redundant Internet conections. Search and ye shall find.