Guest access using dual factor authentication

dgaikwad
Level 5

Hi Experts,

Is there any way that guest access can be configured using dual factor authentication?
Or MAB-based authentication using dual factor authentication?
Is dual factor authentication possible using the base licenses?

Any pointers appreciated.


balaji.bandi
Hall of Fame

Is there any way that guest access can be configured using dual factor authentication?

 - What is the use case here? A guest is itself a different user and requires different access to go to the internet; guests do not have any local resource access. But with SMS it can be possible; you need to integrate it with your portal.


Or MAB-based authentication using dual factor authentication?

 - What devices are these? Smartphones? Or dumb devices that cannot input any data, like medical devices or industrial devices?


Is dual factor authentication possible using the base licenses?

 - Look below at which features each license supports: (ISE License Model and Features)

https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/guide-c07-656177.html#7Licensemanagement

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

- What is the use case here? A guest is itself a different user and requires different access to go to the internet; guests do not have any local resource access. But with SMS it can be possible; you need to integrate it with your portal.
A: These are some of the devices that the internal users or the corporate users bring and that would need access to the internal network.

- What devices are these? Smartphones? Or dumb devices that cannot input any data, like medical devices or industrial devices?
A: Laptops, smartphones and tablets connecting to the wireless network, wherein the users use their own machines to work and access the company network and its resources. Kind of BYOD.

- Look below at which features each license supports: (ISE License Model and Features)
A: It seems that there would be a need to upgrade the license for the feature that we are looking for.

You are not describing a Guest scenario. "Guests" should never be required to use MFA since that is too much effort for the guest and potential support overhead for you.

Internal / corporate users bringing in devices for access to the internal corporate network is considered BYOD, and those devices are generally managed with MDM software to ensure they are 1) secure and 2) provisioned with network access profiles (SSIDs, certificates, etc.) for secure connections. You don't do this for Guests with open/unsecured Guest networks.

See https://cs.co/ise-licensing for ISE Licensing scenarios.

Basic authentication with MFA uses an ISE Base or Essentials. MDM would be Apex/Premier licensing.


Here is the scenario: currently only base licenses are available for use, and we are not in a position to procure new licensing for the advanced use cases.
The other thing is that the company has a policy of allowing users to access the network using devices of their choice, using their AD credentials.
We cannot use profiling or BYOD because of the license upgrade involved, nor certificate authentication, as CA infrastructure is not available and setting it up will take quite some time.

Now, there have been incidents of password sharing; thus, to curb this and allow only the users' own devices to log in, we are thinking of MFA.
Or somehow use a MAC address + user/password configuration.

I am pretty sure that such a configuration will not be feasible until Plus licenses are procured. I just want some more pointers for this kind of deployment scenario.
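As an added example that is not part of this thread, the password-sharing problem described above can at least be detected from the authentication logs already available with base licensing: the check below flags accounts that successfully authenticate from more distinct MAC addresses than a single user plausibly owns within a short window. The log lines are constructed and use a simplified RADIUS-style layout (not ISE's actual syslog format); the field names, thresholds and window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: simplified RADIUS-style passed/failed authentication
# events with a timestamp, username and the client MAC (Calling-Station-ID).
# This is NOT ISE's real syslog format; it only models the fields the check needs.
SAMPLE_LOG = """\
2024-03-01T08:00:12 Passed-Authentication UserName=jdoe Calling-Station-ID=AA:BB:CC:00:00:01
2024-03-01T08:02:40 Passed-Authentication UserName=jdoe Calling-Station-ID=AA:BB:CC:00:00:02
2024-03-01T08:05:03 Passed-Authentication UserName=jdoe Calling-Station-ID=aa:bb:cc:00:00:03
2024-03-01T08:07:55 Passed-Authentication UserName=jdoe Calling-Station-ID=AA:BB:CC:00:00:04
2024-03-01T09:00:00 Failed-Attempt UserName=jdoe Calling-Station-ID=AA:BB:CC:00:00:05
2024-03-01T08:10:00 Passed-Authentication UserName=asmith Calling-Station-ID=AA:BB:CC:00:00:10
2024-03-01T17:30:00 Passed-Authentication UserName=asmith Calling-Station-ID=AA:BB:CC:00:00:11
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>\S+) UserName=(?P<user>\S+) Calling-Station-ID=(?P<mac>\S+)$"
)

def parse_passed(log_text):
    """Yield (timestamp, user, normalised MAC) for successful authentications only;
    failed attempts are ignored because they prove nothing about who holds the password."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("event") == "Passed-Authentication":
            yield datetime.fromisoformat(m.group("ts")), m.group("user"), m.group("mac").upper()

def flag_shared_accounts(log_text, max_devices=3, window=timedelta(hours=1)):
    """Return {user: sorted MACs} for every account seen from more than
    max_devices distinct MACs inside any sliding window of the given length.
    A user with a laptop, phone and tablet stays under the default threshold;
    the same credentials used by several people in one morning do not."""
    events = defaultdict(list)
    for ts, user, mac in parse_passed(log_text):
        events[user].append((ts, mac))
    flagged = {}
    for user, evs in events.items():
        evs.sort()  # chronological, so each window starts at evs[i]
        for i, (start, _) in enumerate(evs):
            macs = {mac for ts, mac in evs[i:] if ts - start <= window}
            if len(macs) > max_devices:
                flagged[user] = sorted(macs)
                break
    return flagged

if __name__ == "__main__":
    for user, macs in flag_shared_accounts(SAMPLE_LOG).items():
        print(f"possible credential sharing: {user} seen from {len(macs)} MACs: {macs}")
```

Tune `max_devices` to the number of personal devices the policy actually permits; widening `window` trades fewer missed cases for more false positives from users who legitimately switch devices during the day.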

If users use the same username+password on multiple of their "devices of their choice", that is fine and MFA will not change anything.

If users are sharing their corporate passwords with other corporate users or non-corporate users you have major security problems that go way beyond ISE. If they will share passwords, they will share MFA codes, too.

The only solution to stop password sharing is to not use passwords at all and go with certificates on your devices.

Since they do not want to buy ISE licenses for BYOD, they will need to buy MDM licenses to manage their users' endpoints to ensure minimum levels of security and provision certificates for authentication.

Yes, that does make sense and such a recommendation has already been provided.

I was looking to see if such a scenario could have been deployed earlier and if there was any other workaround.

I think this resolves it then.