Locking down ports provides security for traffic in general.
It depends on what concerns you have. If you are afraid that voice traffic will be eavesdropped you can use a VPN to encrypt it as long as you can do VPN with the remote offices.
If you are worrying about outsider's getting access to your call manager don't open the call manager management ports from the outside.
Also with a router you can do Firewalling pretty well to limit amount of connections towards the call manager etc.
I hope it helps.
PK