No, I mean iptables is set up so SIP packets other than established/related are dropped if they don’t contain the domain name. A simplified example:
Combined with Apache configuration that rejects requests without the proper domain (admin GUI, UCP, provisioning, etc.) an attacker that doesn’t know the name will not even be able to discover that you have a PBX.