If you do not want to expose your Security Center servers publicly, you can override those ports so that only the mobile role is accessible.
By default, the Mobile Server role uses
ports 80 and 443.
If you do not want to expose your Security Center servers publicly, you can override those ports so that only the mobile role is accessible.