Anthropic Enhances Claude Agents with Private Sandboxes for Enterprises

In a significant move to bolster enterprise control over AI operations, Anthropic has announced that its Claude Managed Agents will now be able to execute tasks within self-hosted sandboxes. This update, effective immediately, allows organizations to keep sensitive data and compute resources within their own infrastructure or managed environments. The shift comes as data privacy and security become pressing concerns for businesses integrating AI solutions.

Keeping Data In-House

With the introduction of self-hosted sandboxes, companies can ensure that any sensitive files, packages, and services used by the AI agents remain within their boundaries. While core agent operations will still take place on Anthropic's infrastructure, the execution of specific tools will occur in environments directly controlled by the customer. This setup enables organizations to apply their existing network policies, audit logging, and security tools effectively.

Enterprises now also have direct oversight of computing resources, allowing them to specify CPU, memory, and capacity for demanding tasks such as builds or image generation. This control is essential for businesses that require stable and reliable AI performance without risking their data security.

Flexible Sandbox Options

Anthropic's new features also allow customers to choose their sandbox provider or bring their own clients. Notable providers include Cloudflare, which offers scalable sandboxes using microVMs, and Daytona, which provides stateful and composable sandboxes accessible through SSH or authenticated URLs. Modal focuses on a cloud platform for AI workloads, while Vercel combines VM security with quick startup capabilities, managing credentials effectively at the network boundary. This flexibility enables organizations to select the environment that best fits their specific needs.

Secure Connectivity with MCP Tunnels

To enhance security further, Anthropic has introduced Model Context Protocol (MCP) tunnels. These tunnels enable secure connections to internal resources, allowing AI agents to interact with private databases, APIs, and knowledge bases without exposing them to the public internet. By deploying a gateway that establishes a single outbound connection, the need for complex inbound firewall rules or public endpoints is removed. End-to-end encryption ensures that the integrity of exchanged data remains intact.

MCP tunnels are available within both Managed Agents and the Messages API, easily managed through the Claude Console's workspace settings. This feature is particularly important as organizations increasingly seek to utilize their internal resources while adhering to strict security protocols.

Implications for the AI Landscape

Anthropic's updates mark a significant step in the evolution of AI infrastructure, especially for enterprises that prioritize data security. By providing tools for self-hosting and secure connections, the company meets the growing demand for privacy-focused AI deployment.

As businesses continue to integrate AI into their operations, solutions like those offered by Anthropic could set new standards for how organizations approach AI security and data management. The ability to control execution environments and maintain secure connections to internal resources may become a baseline expectation in the industry as concerns about data breaches and regulatory compliance rise.

Looking ahead, the adoption of these features could influence how enterprises evaluate AI solutions, shifting the focus from pure functionality to include a stable framework for security and control. As more organizations recognize the importance of safeguarding their data, Anthropic's innovations could position it as a leader in secure AI infrastructure.