Hello BB

Thanks for your response, but which part of the linked document answers any of my queries? 

The document will give you full process, how you can create a VN . IP pools for Data and Voice and IOT devices, how you can integrate with ISE .

Create IP pool reservations for APs, campus, guest, multicast, IoT, and border handoff for a building

what part it was not clear ?

s it best to use a separate VN, or is a separate IP Pool enough?  Any recommendations for authentication methods and identifying the phones?  In my particular case I need to handle two different types of phone system.

Different phone in same Voice VLAN, ISE will identify the device based MAB (mac based authentication) ?

I understand how to create all the component parts.  What I looking for is information the covers the voice aspects in more details. 

Nothing here explains what happens with two devices on the same switchport.  Or whether Voice devices should be put into a separate VN, or if that is even possible.

As for authentication of phones, MAB does not seem very secure, especially if they should be part of the Corporate network, so what are the Cisco recommendations, and the reasons behind the recommendation.

Nothing here explains what happens with two devices on the same switchport.  Or whether Voice devices should be put into a separate VN, or if that is even possible.

It all depends on your design, if you like to put each vendor to be different VN you can do, more admin task.

As for authentication of phones, MAB does not seem very secure, especially if they should be part of the Corporate network, so what are the Cisco recommendations, and the reasons behind the recommendation.

MAB is not a great - but that is the only Option available if the Phone do not have option to get Certificate installed in the device ?

so if you looking more secure, buy a Phones which has Certiificate authentication.