Hi,
Security and Connection servers are one-to-one mapping. Hence based on the current setup, if you are planning to deploy fail over servers for both internal and external customers you definitely need another pair of Connection & Security server.
1. Also, with that being said, I was told by VMWare that I could stand up the Replica Connection server with no impact on uptime on the Primary Connection Server. I assume that is true.
Answer - Yes, that is Correct.
2. If I do need a Secondary Security Server, is that same statement also true?
Answer - Yes, Installing new Security server instance should not impact existing setup.