Network policy configuration

Claro's security team has decided that access to the Snowflake account should only be permitted from the company's corporate network, which uses a fixed IP range of 203.0.113.0/24. All remote workers must connect via the corporate VPN, which routes traffic through the same range. The team needs to implement this restriction at the account level.

Which approach correctly implements this network restriction in Snowflake?