SCSP's "firewall" (Network Control) works at the Application Layer. It blocks applications/processes from establishing a connection to the network stack.
This means that SCSP will allow/deny applications the ability to listen/send on a TCP or UDP port.
So, any other firewall will block network traffic at the network layer, while SCSP blocks at the application layer. Both SCSP Network Control and a host based firewall can co-exist.
As far as precedence, it is kind of like comparing apples and oranges. SCSP will block anything from listening or transmitting at the application level, while a "regular" firewall will intercept the network traffic and drop packets that are destined to ports that are configured to be blocked.