by ralph84 1966 days ago
Just like almost every FIPS 140 validated crypto module has a "FIPS mode" that is what was validated but is never actually used in production, even by government customers.
1 comments

I'm unfortunately quite familiar with that.

Beyond getting slower updates, etc., FIPS mode has the unintentional side effect of being the "look at me I have interesting stuff" flag for potential attackers. It is usually quite easy to determine remotely that a networked device is in FIPS mode, too (due to allowed crypto protocols, etc.).