There seems to be some misconceptions regarding what a switched network will protect us from, and what technologies/precautions a secure environment requires when segmenting trusted users from hostile users.
Can anyone elaborate on what the real risks of switched networks, and if there are any real benefits from a security perspective?
Switches are not meant for security. A switch differs from a hub in that it observes packets to deduce where each host is, so that a packet aimed at a given host will be written only on the physical cable leading to that host. This is a performance optimization in that it allows more traffic to happen concurrently on a given network.
The side-effect of packets not being generally broadcasted (physically) on the whole network has been historically mistaken as a security feature. But there is no guarantee that a given packet will not be copied on unwanted links; the switch operates on its own knowledge of the network layout, which is backed by a necessarily limited amount of RAM within the switch (the "ARP cache"). By "spamming" the switch you can overflow the ARP cache, leading the switch to fallback to hub-like behaviour (incoming packets are copied on every link); you can also misinform the switch with fake ethernet packets (so-called "ARP cache poisoning"). These limitations demonstrate that switched networks are not secured networks, they are just optimized networks.
There are three networking devices: a hub, a switch, and a router. They operate at Physical, Data access, and Network layers respectively. Nodes connected to a hub are in the same network domain, and in the same collision domain. Nodes connected to a switch are in the same network domain, but not in the same collision domain. Nodes connected to a router are in different network, and different collision domains. So, a switched network will protect you from collision but not from network attacks.
Collision means that packets sent from two different nodes may cancel or interfere with each other. For example, Andy sends a packet to Cornius at the same time that Bill sends a packet to Danny and these two packets may collide with each other, physically. In other words, they share the same medium.
From a security perspective, being protected from collision means that you are protected from packet sniffers (there are ways around this), and you can enjoy better bandwidth.
For example, one of the security risks I was referring to in my question is that any client on the same vLAN is able to spoof a MAC address and confuse the switch into sending traffic from one isolated workstation to another isolated workstation.
I believe this technique is commonly called ARP Cache poisoning, and it has been around for years.
Back in the stone age of communications, a switched network meant exactly that, a network with copper wires and switches, that established a physical route from A to B. Whomever controlled the physical path controlled security of the communications.
These days I doubt any actual networks still work this way, at least not at the level where you can just call your communications provider and order one. So switched networks are a software defined entity, and much less about security than about performance guarantees.
