Hoping there are other Spiceheads out there working at a Michigan local government to discuss this...
We're being told that MSP CJIS is requiring FIPS compliant encryption on any connection between buildings where CJIS data passes. I can see this being a requirement when that connection is running over a public connection over the internet, but our entire network is comprised of dark fiber or point-to-point T1s. Even so, shouldn't this be a requirement of the applications that passes this sensitive data rather than encrypt the entire location's data (email, web browsing, etc.)?
I can't speak for other local governments, but this would require us to purchase all new edge switches as FIPS compliace was not one of our bid specifications when purchasing all new switches back in 2009.