No, you don't have to because NAT with an ID (in your case) will take precedence over NAT with ID being ZERO. So, if you have the above stamt along with the new one, the one you will be adding will be translated to the global IP and rest will go untranslated.
Regarding whether you need to use ACL, that depends on your security policy. If you want to allow only a specific host then you can create the ACL and apply on the DMZ interface, but this is not required.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...