TACACS+ is a security application that provides centralized validation of users that attempt to gain access to a Cisco Access Point (AP). Unlike RADIUS, TACACS+ does not authenticate client devices associated to the AP.
TACACS+ provides for separate and modular authentication, authorization, and accounting facilities. TACACS+ allows for a single Access Control Server (ACS) (the TACACS+ daemon) to provide each service authentication, authorization, and accounting independently. Each service can be tied into its own database in order to take advantage of other services available on that server or on the network, depending on the capabilities of the daemon.