Anthropic Gives Companies More Control Over Claude Managed Agents
Anthropic is pushing Claude Managed Agents further into enterprise territory with two significant additions: self-hosted sandboxes and MCP tunnels. The upgrades give companies more say over where their AI agents execute tools and which internal systems they can reach, a move clearly aimed at organisations with stricter data and security requirements.
With self-hosted sandboxes, companies can now run tool execution directly within their own infrastructure rather than relying entirely on Anthropic’s environment. Files and repositories stay inside the company’s network, and existing security policies, audit logging, and network controls remain intact. Businesses also get to specify their preferred CPU, memory, and runtime configuration. For those who don’t want to manage their own setup, Anthropic has lined up managed providers including Cloudflare, Daytona, Modal, and Vercel.
The second feature, MCP tunnels, solves a real pain point for enterprise deployments. It allows Claude Managed Agents to connect to MCP servers sitting inside a private network without exposing anything to the public internet. A lightweight gateway opens a single outbound, end-to-end encrypted connection, requiring no inbound firewall rules or public endpoints. The result is that agents can access internal databases, private APIs, and ticketing systems as tools, something that was previously a friction point for companies working with sensitive internal data.
There is one key boundary Anthropic is holding firm on. Agent orchestration including context management, error handling, and the core agent loop stays on Anthropic’s own servers. This means a fully on-premise deployment of Claude Managed Agents is still off the table for organisations that want complete control over model execution.
Both features are still in early stages. Self-hosted sandboxes are currently available as a public beta, while MCP tunnels are in research preview and require companies to request access before they can try them.
The updates come as Anthropic continues to build out its managed infrastructure for autonomous AI agents, with the latest changes signalling that enterprise trust and data security are becoming central to how the company is positioning Claude in competitive deployments.
