"What's your redundancy? HSRP? What happens when someone spoofs your VIP/virtual MAC? Everything is down. I've seen large offices taken down because they used 192.168.1.1 as an important device, and someone plugged in a home router under their desk as an AP, causing a conflict that took down a "redundant" network."
Why would you trunk your service VLANs to your user access switches?
You don't need to do 802.1x for distribution or server switches, you can just do port security (slightly higher admin overhead for ports in really important places). It might not prevent MAC spoofing from being an issue, but surely you would physically secure switches which carry 'production' VLANs.
Even if you had a failure in one layer 2 domain, you surely have your critical services active-active across geographically redundant sites (using IP anycast if you can, or a geographic load balancer like F5's BigIP GTM) with 5-second or less failover, that share no single points of failure (e.g. multiple route reflectors, multiple peering points, multiple links to each of multiple transit providers).
(And I'm not involved in networking in our team, I look after servers and applications).
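As an added example (not code from anyone in this thread), here is a small detector for the failure mode the quoted post describes: a gateway/VIP address being claimed by a MAC other than the expected first-hop router. It works over constructed ARP observations (sender IP, sender MAC, and the switch port the frame was seen on) rather than live traffic; the `ArpObservation` type, the port labels and the sample addresses are all assumptions made up for the demo. The one real detail it relies on is that HSRP version 1 virtual MACs take the form 00:00:0c:07:ac:XX, where XX is the HSRP group number.

```python
# Added example: flag a protected VIP (e.g. an HSRP virtual IP) being announced
# from an unexpected MAC, plus any IP seen with more than one MAC. The data
# below is constructed for the demo; in practice it would come from ARP
# inspection logs, a span port, or the switch MAC/ARP tables.
from collections import defaultdict
from dataclasses import dataclass

# HSRP v1 virtual MACs are 00:00:0c:07:ac:XX (XX = group number).
HSRP_V1_PREFIX = "00:00:0c:07:ac:"


@dataclass(frozen=True)
class ArpObservation:
    sender_ip: str
    sender_mac: str
    switch_port: str  # constructed label for where the frame was seen


def is_hsrp_v1_virtual_mac(mac: str) -> bool:
    """True if the MAC falls in the HSRP v1 virtual MAC range."""
    return mac.lower().startswith(HSRP_V1_PREFIX)


def find_vip_conflicts(observations, protected_vips):
    """Return (ip, mac, port) for every protected VIP claimed by a MAC that is
    not the expected one. protected_vips maps VIP -> expected MAC."""
    alerts = []
    for obs in observations:
        expected = protected_vips.get(obs.sender_ip)
        if expected is None:
            continue  # not an address we guard
        if obs.sender_mac.lower() != expected.lower():
            alerts.append((obs.sender_ip, obs.sender_mac.lower(), obs.switch_port))
    return alerts


def find_duplicate_ips(observations):
    """Return {ip: sorted list of MACs} for every IP announced by more than
    one distinct MAC, which is how a rogue device on the gateway address
    (or any duplicate-IP accident) shows up."""
    macs_by_ip = defaultdict(set)
    for obs in observations:
        macs_by_ip[obs.sender_ip].add(obs.sender_mac.lower())
    return {ip: sorted(macs) for ip, macs in macs_by_ip.items() if len(macs) > 1}


# Constructed sample: two HSRP routers answering for the VIP with the shared
# virtual MAC, a home router under a desk also claiming 192.168.1.1, and an
# unrelated duplicate-IP clash between two hosts.
SAMPLE = [
    ArpObservation("192.168.1.1", "00:00:0c:07:ac:01", "Gi1/0/1"),
    ArpObservation("192.168.1.1", "00:00:0c:07:ac:01", "Gi1/0/2"),
    ArpObservation("192.168.1.1", "a4:2b:8c:11:22:33", "Gi1/0/47"),
    ArpObservation("192.168.1.50", "00:11:22:33:44:55", "Gi1/0/10"),
    ArpObservation("192.168.1.50", "00:11:22:33:44:66", "Gi1/0/11"),
]
PROTECTED = {"192.168.1.1": "00:00:0c:07:ac:01"}  # VIP -> HSRP group 1 virtual MAC

if __name__ == "__main__":
    for ip, mac, port in find_vip_conflicts(SAMPLE, PROTECTED):
        print(f"ALERT: VIP {ip} claimed by {mac} on {port}")
    for ip, macs in find_duplicate_ips(SAMPLE).items():
        print(f"DUPLICATE: {ip} seen from {', '.join(macs)}")
```

The port label in the alert is the useful part for a network team: it tells them which access port to shut, which is also why the reply above argues for port security on the switches that carry production VLANs rather than relying on the VIP alone.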