Anthropic Enhances Claude Managed Agents with MCP Tunnels and Self-Hosted Sandboxes for Improved Enterprise Security
#Security


Mobile Reporter

Anthropic introduces two critical security features for Claude Managed Agents, enabling enterprises to maintain control over their AI infrastructure while leveraging advanced AI capabilities.

Anthropic continues to expand the capabilities of Claude Managed Agents with the introduction of two significant privacy and security features: MCP tunnels and self-hosted sandboxes. These additions come shortly after the initial launch of Managed Agents in April and subsequent enhancements in May, demonstrating Anthropic's commitment to providing enterprise-grade AI solutions with robust security controls.

Platform Update: MCP Tunnels and Self-Hosted Sandboxes

The new MCP tunnels feature addresses a critical challenge for enterprises looking to integrate AI agents with their internal systems without exposing sensitive infrastructure to the public internet. This feature allows Claude Managed Agents to access MCP (Model Context Protocol) servers within an organization's private network through a lightweight gateway that requires only a single outbound connection.

"Both the sandbox where an agent executes tools and the services it reaches run within the established boundaries of your enterprise, under your security and runtime controls," Anthropic explains in their announcement.

The self-hosted sandbox feature provides additional flexibility by allowing organizations to maintain sensitive files, packages, and services within their own infrastructure or with a managed sandbox provider. This hybrid approach keeps the agent orchestration loop on Anthropic's infrastructure while moving tool execution to the customer's environment.

Developer Impact: Enhanced Security and Integration Capabilities

For developers working with Claude Managed Agents, these features represent significant improvements in security posture and integration possibilities. The MCP tunnels feature eliminates the need for complex firewall configurations or public endpoints when connecting to internal systems, simplifying the implementation of secure AI integrations.

Developers can now:

  • Connect to internal databases without exposing them to the public internet
  • Access private APIs securely through encrypted end-to-end connections
  • Integrate with knowledge bases and ticketing systems while maintaining network isolation
  • Deploy with minimal infrastructure requirements (single outbound connection)

The self-hosted sandbox feature offers similar benefits for code execution environments:

  • Maintain control over sensitive development environments
  • Use preferred sandbox providers (Cloudflare, Daytona, Modal, or Vercel)
  • Bring custom sandbox clients for specialized requirements
  • Separate agent orchestration from tool execution environments

Migration Path: Enterprise Adoption Considerations

Organizations evaluating these new features should consider several factors for successful implementation:

For MCP tunnels:

  • The feature is currently in limited research preview, requiring access requests
  • Implementation requires deploying a lightweight gateway within the network perimeter
  • No inbound firewall rules are needed, simplifying network configuration
  • End-to-end encryption protects data in transit between the agent and the internal MCP server

For self-hosted sandboxes:

  • Currently available as a public beta feature
  • Integration with existing infrastructure requires planning for the separation of orchestration and execution environments
  • Support for multiple providers offers flexibility based on existing cloud relationships
  • Custom sandbox clients require additional development effort but provide maximum flexibility

The introduction of these features positions Claude Managed Agents as a more viable solution for enterprise environments where security and privacy are paramount concerns. By allowing organizations to maintain control over their infrastructure while leveraging Anthropic's advanced AI capabilities, these features address a common barrier to AI adoption in regulated industries.

For developers managing applications across multiple platforms, these enhancements to Claude Managed Agents provide a consistent security model that can be applied regardless of the target deployment environment. The cross-platform nature of these features ensures that security considerations don't become platform-specific challenges.

Organizations interested in implementing these features should review the official documentation for detailed setup instructions and consider participating in the research preview for MCP tunnels to gain early access and provide feedback on the implementation.

As AI continues to integrate more deeply into enterprise workflows, features like MCP tunnels and self-hosted sandboxes will become increasingly important for maintaining security without sacrificing functionality. Anthropic's approach of providing enterprise-grade security controls while keeping the core AI processing on their infrastructure represents a balanced approach to AI deployment that many organizations will find valuable.

The continuous evolution of Claude Managed Agents, with regular feature additions and improvements, demonstrates Anthropic's commitment to addressing the practical needs of enterprise AI adoption. These latest additions further strengthen the platform's position as a comprehensive solution for organizations looking to leverage AI while maintaining strict security and privacy controls.
