Hi Volodymyr,

Cisco  Identity Services Engine (Cisco ISE) is a next-generation identity and  access control policy platform that enables enterprises to enforce  compliance, enhance infrastructure security, and streamline their  service operations. The unique architecture of Cisco ISE allows  enterprises to gather real-time contextual information from networks,  users, and devices. The administrator can then use that information to  make proactive governance decisions by tying identity to various network  elements including access switches, wireless LAN controllers (WLCs), Virtual Private Network (VPN) gateways, and data center switches. Cisco ISE is a key component of the Cisco Security Group Access solution.

Cisco ISE is a consolidated policy-based access control system that  incorporates a superset of features available in existing Cisco policy  platforms. Cisco ISE performs the following functions:

•Combines authentication, authorization, accounting (AAA), posture, and profiler into one appliance

•Provides for comprehensive guest access management for Cisco ISE administrators, sanctioned sponsor administrators, or both

•Enforces endpoint compliance by providing comprehensive client provisioning measures and assessing the device posture for all endpoints that access the network, including 802.1X environments

•Provides support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network

•Enables consistent policy in centralized and distributed deployments that allows services to be delivered where they are needed

•Employs advanced enforcement capabilities including Security Group Access (SGA) through the use of Security Group Tags (SGTs) and Security Group Access Control Lists (SGACLs)

•Supports scalability to support a number of deployment scenarios from small office to large enterprise environments

For further information you can check the below link,

http://www.cisco.com/en/US/docs/security/ise/1.2/user_guide/ise_user_guide.html