I've mentioned the lack of inbuilt security functionality in .NET Remoting and, although it looks this might be remedied in a future release (see my entry on this), Microsoft are currently suggesting you use something based on these MSDN samples:
However we've found this blows up regularly when put it under load, throwing this exception on the client side:
Unhandled Exception: System.Net.Sockets.SocketException: Only one usage of each socket address (protocol/network address/port) is normally permitted
You have been warned. I've not bothered investigating any further because we're now using a named pipe channel which gives *much* better performance and security.