Hikvision now recommends IP address filtering as a security measure for using port forwarding but it is not practical.
Allowing ranges for entire ISPs or mobile providers is hardly secure, as they may literally contain millions of IP addresses.
Second, if you're attempting to reach your home or business system remotely from a hotel, a coffee shop, a friend's house, etc., you'll be unable to connect. And that will require a service call to the integrator each time this happens, etc.
IP address filtering is great in a closed, local network where devices are static addressed. But for remote access, except in very well defined circumstances, it's likely to be unusable.