@MSJ1 ,
please take a look at: ISE - What we need to know about TACACS+.
Quoting the document : Configure TACACS+ over TLS 1.3 on an IOS XE Device with ISE.
" ... A Device Administration license allows you to use TACACS+ services on a Policy Service Node. In a High Availability (HA) Standalone Deployment, a Device Administration license permits you to use TACACS+ services on a single Policy Service Node in the HA pair ... "
First of all ... "by the book":
- a Deployment that has a single ISE Node is called a Standalone Deployment.
- Standalone Deployment is not recommended for Production because redundancy is not provided.
- a High Availability (HA) Deployment implies a pair of ISE Nodes working together to prevent a single point of failure.
- please take a look at Performance and Scalability Guide for Cisco Identity Services Engine, search for Cisco ISE Deployments.
IMHO ... I don't like the term High Availability (HA) Standalone Deployment, for me the correct term would be: Two (2x) Standalone Deployments (because they are not working as "a pair"), in other words, I would write it like this:
" ... A Device Administration license allows you to use TACACS+ services on a PSN. In a Two Standalone Deployment (to simulate a HA environment), a Device Administration license permits you to use TACACS+ services on a single PSN of one of the Standalone Deployments ... "
Hope this helps !
