Ask HN: OpenSSL/Heartbleed for internal company apps?

  • Yes, definitely.

    You should consider all servers running a vulnerable OpenSSL installation to be compromised. You'll need to rekey all your certificates.

    Do not trust the fact that "the servers are internal" because if your perimeter has been breached you will most likely know only after the fact.

    Personally, I tend to treat internal services with the same process I use for external services; they just come second on the list.
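An added example, not part of the thread above: a small Python triage script that turns the advice into a checklist. It takes an inventory of hosts with the first line of `openssl version` (and, where collected, the build date from `openssl version -a`), classifies each host against the affected upstream releases (1.0.1 through 1.0.1f and 1.0.2-beta1, fixed in 1.0.1g on 7 April 2014), and lists the hosts whose keys and certificates must be reissued. The host names and version strings are constructed sample data; `classify_version`, `triage` and `hosts_to_rekey` are names chosen here.

```python
import re
from datetime import date

# Heartbleed (CVE-2014-0160) affects OpenSSL 1.0.1 through 1.0.1f and 1.0.2-beta1;
# the upstream fix is 1.0.1g, released 7 April 2014. Distribution vendors backported
# the fix without bumping the version letter, so a version string alone is only a
# first cut; the build date narrows it down.
FIX_DATE = date(2014, 4, 7)

VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-(beta\d+))?")

# Constructed sample inventory (hypothetical hosts):
# host -> (first line of `openssl version`, build date from `openssl version -a` or None)
SAMPLE_INVENTORY = {
    "intranet-wiki":   ("OpenSSL 1.0.1e 11 Feb 2013",      date(2013, 3, 1)),
    "hr-portal":       ("OpenSSL 1.0.1g 7 Apr 2014",       date(2014, 4, 9)),
    "legacy-db-proxy": ("OpenSSL 1.0.0k 5 Feb 2013",       None),
    "ci-server":       ("OpenSSL 1.0.2-beta1 24 Feb 2014", date(2014, 3, 1)),
    "ubuntu-app":      ("OpenSSL 1.0.1f 6 Jan 2014",       date(2014, 4, 8)),  # vendor backport
}


def classify_version(version_line: str) -> str:
    """Classify an `openssl version` line by upstream release number alone."""
    m = VERSION_RE.search(version_line)
    if not m:
        return "unknown"  # not OpenSSL (e.g. LibreSSL) or an unparsable line
    release = tuple(int(g) for g in m.group(1, 2, 3))
    letter, beta = m.group(4), m.group(5)
    if release == (1, 0, 1):
        # 1.0.1 pre-releases and 1.0.1 through 1.0.1f ship the buggy heartbeat code
        if beta or letter <= "f":
            return "vulnerable"
        return "not vulnerable"
    if release == (1, 0, 2):
        return "vulnerable" if beta == "beta1" else "not vulnerable"
    # 0.9.8 and 1.0.0 never had the TLS heartbeat extension; 1.1 and later postdate the fix
    return "not vulnerable"


def triage(version_line: str, built_on=None) -> str:
    """Refine the version verdict with the build date, if one was collected."""
    status = classify_version(version_line)
    if status == "vulnerable" and built_on is not None and built_on >= FIX_DATE:
        # Same version string, but compiled on or after fix day: likely a vendor backport.
        return "possibly patched"
    return status


def hosts_to_rekey(inventory) -> list:
    """Hosts whose private keys and certificates must be reissued (and the old ones
    revoked). 'possibly patched' stays on the list until the vendor changelog
    confirms the backport, since the key may already have leaked before the patch."""
    return sorted(host for host, (line, built) in inventory.items()
                  if triage(line, built) in ("vulnerable", "possibly patched"))


if __name__ == "__main__":
    for host, (line, built) in sorted(SAMPLE_INVENTORY.items()):
        print(f"{host:16} {triage(line, built):18} {line}")
    print("rekey:", hosts_to_rekey(SAMPLE_INVENTORY))
```

The version string is deliberately treated as a first cut only: a "possibly patched" host is still rekeyed, because the question is not whether it is patched today but whether its key could have been read out before it was.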