Sealing a vault tells the Vault server to stop responding to any access operations until it is unsealed again. A sealed vault throws away its master key to unlock the data, so it physically is blocked from responding to operations again until the Vault is unsealed again with the "unseal" command or via the API.