Then you are fine , but just fire up sngrep and watch all the bogus sh!t you will need to cover with your firewall/fail2ban/IDS (sngrep looks at traffic prior to your ‘protections’). I also have a largish customer base, my network IDS monitoring is as busy as the whirlpool guy is and has been for many years .
How are you dropping traffic at your firewall in front of FreePBX when your port forwarding port 5060 to freepbx?? Are you ONLY USING remote phones at sites that have static wan IP’s that your whitelisting and dropping everything else??? If thats the case your network is small and you don’t have a large road warrior base and work from home clientele with dynamic IP’s…
You keep saying filter/drop traffic at your firewall but provided zero explanation what/how your dropping traffic…
There is no arguing with your confidence. Some will continue to disagree with you though.
A good firewall would have port-scanning rules that will cut that dead in very short order, do you have them ?, and there is yet another border control you might want to consider. TLS and enforced SNI with a TCP proxy is another concept that will completely hide your system in 2022