ISE feature에 관해서 공부해 보자구요

Cisco ISE Feature or Service	License
	Base	Device Admin	Plus	Apex
Basic RADIUS authentication, authorization, and accounting, including 802.1x, MAC Authentication Bypass	Yes	No	No	No
Web authentication (local, central, device registration)	Yes	No	No	No
MACsec (all)	Yes	No	No	No
SSO, SAML, ODBC–based authentication	Yes	No	No	No
Guest portal and sponsor services	Yes	No	No	No
Representational state transfer (monitoring) APIs	Yes	No	No	No
External RESTful services (CRUD)-capable APIs	Yes	No	No	No
Security group tagging (Cisco TrustSec®SGT)	Yes	No	No	No
PassiveID (Cisco Subscribers)	Yes	No	No	No
PassiveID (Non Cisco Subscribers)	No	No	Yes	No
Profiling	No	No	Yes	No
Profiler feed service	No	No	Yes	No
Device registration (My Devices portal) and provisioning for Bring Your Own Device (BYOD) with built-in Certificate Authority (CA	No	No	Yes	No
Context sharingpxGrid	No	No	Yes	No
Endpoint Protection Services (EPS)	No	No	Yes	No
Cisco TrustSec andACI integration	No	No	Yes	No
Location-based integration using Cisco Connected Mobile Experiences(CMX)or Cisco Mobility Services Engine(MSE)	No	No	Yes	No
Rapid Threat Containment (RTC) (using Adaptive Network Controland pxGrid)	No	No	Yes	No
Posture (endpoint compliance and remediation)	No	No	No	Yes
Enterprise Mobility Management and Mobile Device Management (EMM and MDM) integration	No	No	No	Yes
Threat Centric NAC	No	No	No	Yes
Cisco AnyConnect Unified Agent (requires Cisco AnyConnect Apex license; see“Ordering information”section)	No	No	No	Yes
Wired access control	Yes	No	Yes	Yes
Device Administration (TACACS+	No	Yes	No	No

ISE feature

1. Device Administarion 

a. TACACS+

2. Guest

a. Wireless Guest Setup Wizard

3. Secure Access

a. Easy connect

b. BYOD

C. MSE Intergation

4. TrustSec

a. ACI Integration

b. Change Management

TACACS+ Device Administration은 Role-based access management가 ISE 2.0부터 가능합니다.