Don't know, offhand, but I'll bet EH's columnist, Georgia Weidman, might be a good person to ask...

http://www.ethicalhacker.net/content/view/445/24/

There are products on the market that build secure sandboxes on a mobile. If used in corporate world you can use policy to lock the device down so you can disable wireless so on.

One such product is DME by excitor.

Along these lines, think about why you want to ban cellular phones or whether the intent is consistent. What I mean by this, do phones represent the only avenue of exfiltration for the data you are trying to protect and are you considering other vectors as well? Camera phones are a great example. I worked in healthcare for about 6 years (not currently) and a common policy for the health depts I audited was not allowing cellular phones in common areas, or disabling camera function on enterprise smartphones. Yet there was no policy governing digital cameras. This is an example of where application of controls are not consistent with the intent of the control. Just something to think about.

Using a good RF scanner will work but like you said its not going to help much if the phones are off. Not to trivialize the issue, but a security guard that can frisk visitors will mitigate that risk to a large extent. Have lockers for visitors to put in their bags/purses etc before they enter the secure area.
What is the purpose of not allowing mobiles by the way? Is it to prevent people from taking pics? If so then the above physcial security issues would help in mitigating the risk. If it is more for preventing visitors from making phone calls while in the secure area, you can also consider moving the very high risk processes (eg cryptographic key generation) into a Tempest room/ Faraday cage which blocks RF signals from going out/coming in. thats really expensive though!