Maybe worth noting that TrueNAS added FIPS in 2024:

* https://www.truenas.com/blog/truenas-security-in-2024/

Are Ubiquiti products commonplace for companies that contract with the US government outside of the DoD/DoW?

Since DoD/DoW generally requires STIG compliance, and none authored are for any specific Ubiquiti product, we can cross that off the list. Sure they can get exceptions or use a more generalized STIG but stakeholders generally have pre-defined limitations on what they will and will not allow on networks they sponsor.

Not really deal breaker for most customers