Not yet, they are starting to do client restrictions with published apps, but so far you can't do it with desktop pools. The only option we've seen is to use connection server tagging and route users to the connection server tagged for that desktop pool. This page is a bit older, but the premise is the same
VMware Documentation Library
Basically we have a connection server with internal, external, and special one for a pool we wanted to hide from everyone else. We run all connection through an f5 loadbalancer that uses source based routing to make sure that the correct subnets go to the internal and special connection server, and everything else go to the external one.
