Expanding on this, in case there's some confusion. Check Point's product involves several parts.
SmartConsole goes on a Windows workstation. It is the visual interface which lets you define objects and rules, but it doesn't store any of them, and it doesn't process traffic.
SmartCenter is an application which is often installed on Check Point's OS. For a while, it could be installed on Windows, Solaris, or Redhat, but I don't know if that is still the case. It is a service which stores the objects and rules defined using SmartConsole. It has no GUI of its own, though you can interact with current versions using an API, and a command-line tool which interacts with this API. It is not involved in processing traffic.
I no longer know the proper name for the firewall itself (it was Firewall-1 for a while, then VPN-1), but it's a separate piece of software. For a while, it could be installed on Windows, Solaris, or Redhat, but this was really rare, and I'm pretty sure that hasn't been supported in years. Remotely current firewalls mostly run Check Point's "appliance" OS, GAiA. The firewall filters traffic, but has no GUI of its own, and has very limited ability to change the filtering configuration.
The SmartCenter and the firewall can be installed on the same system (called a "standalone deployment"), or you can have one SmartCenter which manages one or more firewalls (called a "distributed deployment".
The SmartConsole version and the SmartCenter version must match.
In a standalone deployment, SmartCenter and firewall version must match.
In a distributed deployment, a SmartCenter of a given version can manage several earlier firewall versions. For example, R80.20 can manage R77 firewalls. Some SmartCenter versions can manage newer minor versions. For example, SmartCenter R80.20 can, with an update, manage R80.40 firewalls, but it cannot manage R81.
