If DoD actually do have a list of vetted and hardened products, that WOULD be a very good baseline for if you care about security at all.

Only if there’s independent verification that they are actually hardened and not backdoored. Certain US TLAs have been known to lie about these matters-- consider NSA’s attempts to slip backdoors into some crypto standards a few years ago.