I agree with Reza except I would recommend ISE over ACS. I think ACS is as good as dead at this point :) ISE offers a lot more features and functionality with the exception of TACACS+

Please refer the links for the details of ACS and ISE:

https://supportforums.cisco.com/blog/150451/video-integration-cisco-identity-services-engine-ise-and-wireless-lan-controller-wlc

https://supportforums.cisco.com/document/70751/integration-ise-identity-services-engine-cisco-wlc-wireless-lan-controller

Cisco ISE is a consolidated policy-based access control system that incorporates a superset of features available in existing Cisco policy platforms. Cisco ISE performs the following functions:

• Combines authentication, authorization, accounting (AAA), posture, and profiler into one appliance
• Provides for comprehensive guest access management for Cisco ISE administrators, sanctioned sponsor administrators, or both
• Enforces endpoint compliance by providing comprehensive client provisioning measures and assessing the device posture for all endpoints that access the network, including 802.1X environments
• Provides support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network
• Enables consistent policy in centralized and distributed deployments that allows services to be delivered where they are needed
• Employs advanced enforcement capabilities including Security Group Access (SGA) through the use of Security Group Tags (SGTs) and Security Group Access Control Lists (SGACLs)
• Supports scalability to support a number of deployment scenarios from small office to large enterprise environments