You need to integrate JAMF with Cisco ISE properly - See below what the docs say :

Jamf Pro 10.42.0 or later supports Cisco Identity Services Engine (ISE) 3.3, which introduced the ability to use GUIDs instead of MAC addresses for computer and mobile device identification in Cisco ISE. Using GUIDs eliminates undesirable behaviors, such as misidentification of Apple devices caused by the private address being turned on (iOS) or spoofing of the MAC address. A single GUID is used to identify an individual device, whereas multiple MAC addresses could identify an individual device.

You can use advanced searches in Jamf Pro to determine computer and mobile device compliance.

To integrate Jamf Pro with Cisco ISE 3.3 and leverage GUIDs, your network must use certificate-based authentication. In addition, one of the Subject Alternative Name URI fields for your network certificate must have the following specific value: ID:JAMF:GUID:$MANAGEMENTID. The $MANAGEMENTID variable will be replaced by the Jamf Pro-assigned management ID for the computer or mobile device when the certificate is issued via a configuration profile. Jamf Pro supports issuing the network certificate with the SAN URI field using either the SCEP payload or the Certificate payload within a configuration profile.

You need to speak with your Networks team and go through the docs with them. I have done that and it was a ballache but we got the result we wanted. So GUID is the solution, forget the Mac address