Sorry if my post was not clear.  We have a bunch of inside networks that are behind our firewall where the layer 3 gateway lives on our 6807 switch which is running vss and then gets passed off to layer 2 via our 2960X access layers switches.   Normally anytime I would add a new network I would create a new vlan for it and configure the vlan interface to be the layer 3 gateway on our core switch.  The new network would be added to the routing table as a directly connected network  and be accessible by all of the other inside networks in the routing table.  I would like to create a new network that traverses the same switches our other networks do but is not routable to/from our other networks.  We only want clients on this new network to see other.  WE want to completely isolate this network. It's not something I have ever done before but it seems like there'd be a fairly easy way to accomplish this.

VRF(-lite).

I am not familiar with vrf lite.  IS there a document you could reference?

Have you tried searching Cisco's main site for, without quotes, "vrf-lite"?

Should find lots of documentation, of many types, even including some videos.

@mlund makes an excellent suggestion.  If the to be added VLAN, will all just be one L2 broadcast domain, and needs no routing, at all, you can pass along that VLAN, as just another VLAN.  Without any L3 interfaces, this VLAN would be totally isolated.

Regarding supporting DHCP, such a service would need a "foot", i.e. presence, in the same L2 broadcast domain. In other words, your DHCP would need a NIC and host IP address, L2 broadcast domain (which is what DHCP expects unless we get into DHCP relays).