Switches are NOT a security feature


That's the important part. A switch is an optimization over a hub, meant for better performance, not for security.

When a hub receives a packet (an Ethernet frame), it dispatches it on all the other links. This is inconvenient in large networks, because when two machines talk to each other, they monopolize the whole network.

To avoid this issue, switches try to remember which machine is on which link, so that they may propagate a given frame only on the relevant link, thus leaving most of the network free for other simultaneous communications. This is only a best effort and in no way a guarantee that a given packet will be sent on the single "right" link. The switch works on an internal cache memory which has limited size. Thus, it is easy for an attacker to spam the switch with lots of packets from "fake" systems so that the switch can no longer decide which is the right link for a given packet; at this point, the switch falls back to "hub mode" and broadcasts the packet on every link.

So you should use a switch for performance but certainly not for security reasons.

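The cache behaviour described above, modelled as an added example (not part of the original answer): a toy learning switch with a bounded address table, run once as-is and once with a cap on learned addresses per port, a mitigation many managed switches offer that goes beyond what the text covers. The names `LearningSwitch`, `max_macs_per_port` and `demo`, the oldest-entry eviction policy and all addresses are assumptions made for illustration.

```python
from collections import OrderedDict

class LearningSwitch:
    """Toy address table. Oldest-entry eviction is a modelling assumption."""

    def __init__(self, ports, table_size, max_macs_per_port=None):
        self.ports = list(ports)
        self.table_size = table_size
        self.max_macs_per_port = max_macs_per_port  # None = learn without limit
        self.table = OrderedDict()                   # source MAC -> port
        self.rejected = {p: 0 for p in self.ports}   # frames refused per port

    def _learn(self, mac, port):
        if mac in self.table:                        # known host: refresh entry
            self.table[mac] = port
            self.table.move_to_end(mac)
            return True
        if self.max_macs_per_port is not None:
            on_port = sum(1 for p in self.table.values() if p == port)
            if on_port >= self.max_macs_per_port:    # limit hit: do not learn
                self.rejected[port] += 1
                return False
        if len(self.table) >= self.table_size:
            self.table.popitem(last=False)           # cache full: evict oldest
        self.table[mac] = port
        return True

    def receive(self, in_port, src, dst):
        """Return the ports this frame is sent out on."""
        if not self._learn(src, in_port):
            return []                                # frame dropped at ingress
        out = self.table.get(dst)
        if out is None:                              # unknown: behave like a hub
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]

def demo(max_macs_per_port=None):
    sw = LearningSwitch([1, 2, 3, 4], 8, max_macs_per_port)
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"  # constructed addresses
    sw.receive(1, a, b)                              # A learned on port 1
    sw.receive(2, b, a)                              # B learned on port 2
    before = sw.receive(1, a, b)                     # normal unicast A -> B
    for i in range(100):                             # constructed: 100 new sources on port 3
        sw.receive(3, f"02:00:00:00:01:{i:02x}", "ff:ff:ff:ff:ff:ff")
    after = sw.receive(1, a, b)                      # same unicast after the burst
    return before, after, sw.rejected[3]

if __name__ == "__main__":
    print(demo(), demo(max_macs_per_port=2))
```

Without the cap, the A-to-B frame that used to leave only on port 2 is sent on ports 2, 3 and 4 once the table has been churned; with the cap, it stays on port 2 and the per-port rejection counter gives a value worth alerting on.
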
A bridge is a general-purpose computer which believes it is a switch. It has several network interfaces, and relays Ethernet frames as a switch would do. Bridges can also do some intricate filtering since a general-purpose computer has a CPU and RAM; that's actually why you would still want to set up a bridge instead of using a much cheaper switch. Some switches are also, internally, computers which can run elaborate filters on transiting packets; so the distinction between a "bridge" and a "switch" is now quite blurry.

When in doubt, use a switch -- but do not assume that it will do you any good security-wise.

Source: http://security.stackexchange.com/questions/8728/hubs-switches-and-bridges-flaws-and-security-superiority
