Anthropic has introduced new capabilities for Claude Managed Agents, allowing enterprises to operate agent sandboxes and connect to private Model Context Protocol (MCP) servers within their own secure environments. This rollout is available as a public beta for self-hosted sandboxes on the Claude Platform, while MCP tunnels are being offered in a research preview to organizations that request access. The feature is targeted at enterprise customers who require strict data control, security, and compliance for sensitive workloads and is accessible through both self-hosted infrastructure and managed providers such as Cloudflare, Daytona, Modal, and Vercel.
Live from Code with Claude London: we're launching self-hosted sandboxes (public beta) and MCP tunnels (research preview) in Claude Managed Agents.
— Claude (@claudeai) May 19, 2026
Run agents inside your own perimeter, with your security controls applied by default. pic.twitter.com/cxvmk3feHp
With the new release, organizations can keep compute, file access, and service integration within their chosen perimeters, benefiting from existing security policies, audit logging, and runtime controls. Sandboxes support flexible resource sizing and custom runtime images, allowing resource-intensive tasks such as image generation or large builds. Key technical improvements include:
- Support for stateful, long-running sandboxes
- Zero-trust secrets management
- Secure outbound-only network connectivity for MCP tunnels, which enable private access to internal services without exposing endpoints to the public internet
Anthropic, the company behind this release, focuses on enterprise AI solutions and addresses customer concerns regarding data privacy, system integrity, and operational transparency. The introduction of these features positions Claude Managed Agents as a robust choice for organizations prioritizing security and customizability in their AI deployments.
