A Software Defined Perimeter (SDP) for access is highly recommended due to the fact that attacks are still successful despite all the above layers being in place. This is evident from the large list of high profile attacks on websites and applications across the globe.
A Software Defined Perimeter has the following primary benefits:
Enables you to hide all information of the application such as the DNS and IP address information. This effectively makes the application invisible to all users.
User and device identity are verified before access to application is granted
Access is allowed only to specific applications based on the trust of the user and device status