What happens if my only ACS goes down? ACS is active on my access switches.
What deployment scenario are we talking about here? For example, with 802.1X deployments there is a feature (called Inaccessible Authentication Bypass) that allows you to provide access to a specific VLAN in the scenario where connectivity to the ACS server is compromised. Is that something may help you?