You don't actually have to use the SetEnvIf method if you just want to block IP addresses. For example, <Files *> Order Deny,Allow Deny from ^###\.##\.###\.##$
will also work. SetEnvIf is only needed when you wish to Deny based on server variables other than IP address or remote hostname.
As to which is "better," that's largely a matter of preference or necessity; Some servers don't support mod_rewrite, so the only way to block access is with mod_access (or a script). Other subtle differences may also be important in the decision too; In some server configurations, mod_access-denied accesses are logged to the server error log, while mod_rewrite-denied accesses are logged to the server access log.