This article describes how to prevent the server drives from being visible to users in an ICA session.

Instructions

This needs to be done from Windows side using the Group Policy, no Citrix policies can be applied to accomplish this.

Reference Microsoft Article ID: 231289:

With Group Policy Objects in Windows, there is a "Hide these specified drives in My Computer" option that lets you hide specific drives. However, it may be necessary to hide only certain drive but retain access to others. 

• Restrict A, B, C and D drives only
• Restrict A, B and C drives only
• Restrict A and B drives only
• Restrict all drives
• Restrict C drive only
• Restrict D drive only
• Do not restrict drives

1. Start the Microsoft Management Console. On the Console menu, click Add/Remove Snap-in.
2. Add the Group Policy snap-in for the default domain policy. To do this, click Browse when you are prompted to select a Group Policy Object (GPO). The default GPO is Local Computer. You can also add GPOs for other domain partitions (specifically, Organizational Units).
3. Open the following sections: User Configuration, Administrative Templates, Windows Components, and Windows Explorer.
4. Click Hide these specified drives in My Computer.
5. Click to select the Hide these specified drives in My Computer check box.
6. Click the appropriate option in the drop-down box.

These settings remove the icons representing the selected hard disks from My Computer, Windows Explorer, and My Network Places. Also, these drives do not appear in the Open dialog box of any programs. 

You can also create policy using Group Policy Management console.

Also it is possible to Hide the drives using Group Policy Preferences.

1. Start Group Policy Management console. Select existing group policy object or create a new one.
2. Open the following sections: User Configuration, Preferences, Windows Settings, Drive Maps.
3. Right Click on the Drive Maps and select New > Mapped Drive.
4. Select the Update action. Leave the Location field blank.
5. You can select Hide/Show this drive or Hide/Show all drives.

From MS KB:

Hide/Show this drive options have precedence over Hide/Show all drives . For example, if a Drive Map preference item has the Hide/Show this drive option set to Hide this drive and the Hide/Show all drives option set to Show all drives , then all drives are visible except the drive designated as hidden.

You can use a Drive Map preference item to configure the visibility of a physical drive rather than a mapped drive. To do so, select the Update action, leave the Location field blank, select the drive letter of the physical drive, and then configure the Hide/Show this drive and Hide/Show all drives options.

How to restrict users from accessing local drives of an RD Session Host server while using RemoteApp programs - https://blogs.technet.microsoft.com/enterprisemobility/2011/05/26/how-to-restrict-users-from-accessing-local-drives-of-an-rd-session-host-server-while-using-remoteapp-programs/

Using Group Policy Objects to hide specified drives - https://support.microsoft.com/en-us/kb/231289

Configure a Mapped Drive Item: https://technet.microsoft.com/en-us/library/cc770902(v=ws.11).aspx

You can also use Prevent access to drives from My Computer Policy to prohibit from accessing the drives completely.