Anthropic just rolled out two major features for its Claude AI platform. These updates give businesses more control and security when using AI agents. The new self-hosted sandboxes and MCP tunnels change where and how AI tools run.

Claude Managed Agents handle complex AI tasks by running long sessions that use various tools. Until now, all tool execution happened inside Anthropic’s cloud. That means files, code, and sensitive data moved outside the company’s own systems. The new self-hosted sandboxes let companies keep that execution inside their own infrastructure or trusted cloud providers.

This change matters because many companies want to keep sensitive files and software in environments they control. With self-hosted sandboxes, they can enforce their own network rules, logging, and security tools. The orchestration and error handling still run on Anthropic’s platform, but the actual work happens where the company wants.

Customers can pick from several sandbox providers. Cloudflare offers scalable, lightweight microVMs. Modal provides GPU-ready sandboxes for heavy AI workloads. Vercel delivers low-latency virtual machines with secure network access. Daytona supports stateful sandboxes that can pause and resume with full memory. Companies can also use their own container environments if preferred.

Several companies have already started using these new options. For example, Rogo, a finance AI platform, uses Vercel sandboxes to securely manage data. Clay’s engineering team runs workflows with Daytona sandboxes. DoorDash builds internal productivity agents using Modal’s GPU-backed sandboxes.

Introducing MCP Tunnels for Private Network Access

The other big update is the Model Context Protocol (MCP) tunnels. These tunnels let AI agents access internal company databases and private APIs securely. Usually, exposing these services to outside networks creates security risks. MCP tunnels solve that by creating a secure, outbound-only connection from the company’s network to Anthropic’s platform.

This means companies don’t have to open inbound firewall ports or create public endpoints. The connection is encrypted end-to-end and controlled through an admin console. Agents can safely work with sensitive data behind the firewall while Anthropic handles agent orchestration outside the network.

MCP tunnels work with both Claude Managed Agents and the Messages API. Setting them up requires no changes to existing agent integrations. The technical details are handled by configuration between Anthropic’s systems and the customer’s network.

Why These Updates Matter for Enterprise AI

These new features reflect a wider shift in AI tools toward enterprise readiness. Many companies hesitate to move sensitive data or code into third-party clouds. They want AI tools that fit within their existing security frameworks. Anthropic’s self-hosted sandboxes and MCP tunnels offer that flexibility.

Meanwhile, Anthropic continues to build out Claude’s core capabilities. Recent upgrades include “infinite” context windows that let agents remember information across long workflows. There are also multi-agent workflows where several AI agents work together on complex tasks.

By controlling memory, orchestration, and evaluation inside one platform, Anthropic aims to simplify how companies deploy AI agents. The new sandbox and tunnel features add more options for secure, controlled execution. This makes Claude a stronger choice for businesses needing advanced AI without compromising security.

In short, Anthropic is giving companies the tools to build smarter, safer AI systems. Enterprises can now run powerful AI agents that keep sensitive work inside their own walls. This opens the door to broader AI adoption across industries with tight security needs.