Azure Network Security Groups (NSGs) for defining inbound and outbound traffic rules, which is a cost-effective solution that allows for granular control over traffic to and from VMs.

Azure Virtual Network Peering for connecting multiple virtual networks, which enables resources in different virtual networks to communicate with each other but does not directly restrict access based on IP addresses.

Azure VPN Gateway for secure site-to-site connectivity, which provides encrypted connections between your on-premises network and Azure but is not the most efficient method for restricting access based on specific IP addresses.

Azure ExpressRoute for dedicated private network connectivity, which offers a private connection to Azure services but is more expensive and not specifically designed for IP-based access restriction to VMs.

Both Azure Network Security Groups (NSGs) and Azure Firewall, which together provide comprehensive traffic filtering capabilities including IP-based access control and advanced threat protection.