Anthropic adds self-hosted sandboxes and MCP tunnels to Claude Managed Agents

Anthropic is rolling out self-hosted sandboxes and MCP (Model Context Protocol) tunnels for Claude Managed Agents, letting enterprises execute tool operations within their own infrastructure rather than Anthropic's servers.

The update addresses a key pain point for enterprises. Companies deploying Claude agents can now keep sensitive tool execution, database access, and API calls isolated on-premises. The agent itself remains managed by Anthropic, but the computational work and data handling happen in customer-controlled environments.

Self-hosted sandboxes give organizations finer control over security and compliance. Tools that interact with proprietary databases, legacy systems, or sensitive APIs no longer route through Anthropic's infrastructure. MCP tunnels create secure bridges between Claude's core reasoning engine and these sandboxes, enabling real-time communication without exposing internal systems directly.

This hybrid approach balances two competing demands. Enterprises get the operational simplicity of managed agents without sacrificing data sovereignty or compliance requirements. Anthropic retains control of the agent layer itself, preserving safety oversight and preventing the system from being fully weaponized or misconfigured at the infrastructure level.

The move positions Claude Managed Agents as more enterprise-friendly than alternatives. While competitors offer fully self-hosted options, they require companies to manage the entire agent stack. Anthropic's approach splits the difference: customers get infrastructure autonomy while offloading the complexity of running and updating the core agent.

Security becomes the real differentiator here. Companies handling regulated data, trade secrets, or government contracts can now deploy Claude agents without routing everything through third-party infrastructure. The MCP tunnel layer ensures communication happens securely while maintaining Anthropic's visibility into how agents behave.

This feature extends Claude's reach into industries where data residency matters. Financial services, healthcare, and government agencies have stricter requirements around where computation occurs. Self-hosted sandboxes