We are looking to allow the iPad/iPhone devices on the network. From reading previous reports in the media, I know that several colleges/universities have run into a problem with some code versions not handling DHCP correctly.
I am looking at trying to protect us from a DHCP Pool exhaustion situation. We have implement some of the port security commands. On the trunk ports that the AP's are connected to, I have used ip arp inspection trust as a default. Maybe we need to look at changing that stance. Putting this command on all trunk ports, whether connected to an AP or a switch, is what we do as a part of our normal deployment.