To force end users to establish an HTTPS session with the CMP system:
Exchange and import SSL certificates between the CMP server and the workstation.
Enable the firewall on the CMP server.
Enable prefer custom.
Create two customized firewall rules (one for port 80 and one for port 8080) where the allowed host is 0.0.0.0/32.
Note: Because the ports 80 and 8080 conflict with the factory rule that allows anyone access to these ports, using the prefer custom option discards this rule, and instead uses the custom rule which allows only 0.0.0.0 to connect via 80 or 8080, which locks down the unencrypted HTTP ports.