Make Azure Functions not publicly accessible?
The built-in keys support is meant to provide an option for this. You can require all requests to include an API key which is only shared with resources you care about. In fact, all HTTP-triggered functions require a key by default. You would have to explicitly choose to remove this requirement.
Keys aren't a networking solution though, and if you leak the keys, someone could access your APIs (until you roll the keys). You are correct that the VNet support is point-to-site, meaning it can access resources, but the function app is not protected itself. An App Service Environment would solve that, although Kai's comment on the original question is correct - ASE is not yet available for Functions.
In addition to keys, you could look at using App Service Authentication / Authorization to require an AAD service principal. This is effectively like a key, but has additional benefits if you are modeling other entities in AAD. Unless you know you need this, though, I would stick with keys.
With CORS functionnality you can restrict access to your Azure Function. To configure this, check the following link : Azure Function Settings, at the CORS section.
You can apply access restrictions to an Azure Function. The documentation can be found here.
You can use PowerShell AZ module to create a rule (or the portal if you prefer).
Add-AzWebAppAccessRestrictionRule `
-ResourceGroupName "ResourceGroup" `
-WebAppName "AppName" `
-Name "Ip example rule" `
-Priority 100 `
-Action Allow `
-IpAddress 122.133.144.0/24
Docs for Add-AzWebAppAccessRestrictionRule
can be found here.