- Anthropic just rolled out new infrastructure features for Claude Managed Agents, including self-hosted sandboxes and MCP tunnels built for enterprise AI deployments.
- Companies can run AI agent execution environments with providers like Cloudflare, Daytona, Modal, and Vercel.
- This update was announced in May 2026 and it reflects how companies want secure, autonomous enterprise AI systems and not just standalone chatbots.
With this latest expansion, Claude Managed Agents are moving way beyond simple conversation bots. Enterprises want agents that can write code, automate workflows, access their internal tools, and handle all sorts of operational tasks without putting sensitive infrastructure at risk.
Instead of forcing organizations to run everything in someone else’s cloud, Anthropic lets them keep execution environments in their own controlled systems, while Claude manages all the orchestration and reasoning.
What the Claude Managed Agents Update Means for Enterprises
Claude Managed Agents serve as Anthropic’s framework for autonomous AI systems that can handle complex, long-running workflows and multi-step processes. They’re not your usual chatbots giving short, one-off answers, they act as ongoing partners. These agents can work with APIs, repositories, databases, development environments, etc.
This update brings in a split architecture model. So Claude stays responsible for high-level tasks like reasoning, planning, and orchestration, but the actual hands-on work happens inside isolated runtime environments, which are managed by customers or infrastructure partners.
That kind of separation matters, especially for companies that have strict governance needs. If you’re in healthcare, fintech, cybersecurity, or making enterprise software, you just can’t let public AI infrastructure touch your most sensitive systems.
Anthropic’s setup gives enterprises control over execution, networking, permissions, and data access while still letting them use Claude’s autonomous smarts.
Live from Code with Claude London: we're launching self-hosted sandboxes (public beta) and MCP tunnels (research preview) in Claude Managed Agents.
— Claude (@claudeai) May 19, 2026
Run agents inside your own perimeter, with your security controls applied by default. pic.twitter.com/cxvmk3feHp
Choose your Sandbox Client
Anthropic’s infrastructure works with several sandbox providers, each tuned for different types of work and operational needs.
Cloudflare
Cloudflare handles edge-based execution environments that are great for low-latency, globally distributed tasks. It’s best for lightweight autonomous jobs and customer-facing AI systems where speed matters.
Daytona
Daytona works with ephemeral development environments and workflows focused on repositories. If you need a home for coding agents, software testing, debugging, or general engineering automation, use this tool.
Modal
Modal is the go-to for compute-heavy workloads, especially those needing scalable GPU power like AI and machine learning operations that run long or require a lot of muscle.
Vercel
Vercel gives you serverless deployment infrastructure closely tied to web applications and modern frontend ecosystems. It’s perfect for launching AI-powered SaaS products and web-native autonomous experiences.
Also read: How to Set Up Claude Code Agent View for Managing Multiple AI Coding Sessions
How the Sandbox Setup Works
Step 1: First, you pick which sandbox provider fits your workload. Teams focusing on coding automation will likely choose Daytona. If you need serious GPU power for heavy AI workloads, pick Modal.
Step 2: Configure compute resources, networking, environment variables, and execution permissions.
Step 3: Connect your runtime environment to Claude Managed Agents using Anthropic’s integration tools.
Step 4: Install a lightweight MCP gateway inside your infrastructure. That creates outbound encrypted tunnels so your internal systems talk securely to Claude agents.
Step 5: Now you can expose your APIs, repositories, ticketing systems, dashboards, databases, and other workflows to Claude while still keeping permissions tight with MCP integrations.
Step 6: Your security team will set role-based permissions, credential limits, logging, and monitoring so everything stays compliant and visible.
Step 7: Once everything’s running, monitor agent behaviour, execution logs, infrastructure use, and workflow performance, and scale up or down as needed.
Conclusion
Anthropic’s latest update to Claude Managed Agents points to a big change in the enterprise AI world. Companies are walking away from basic chatbots and moving toward persistent, autonomous systems that can safely work inside enterprise environments.
The arrival of self-hosted sandboxes and MCP tunnels shows the industry finally sees that real enterprise AI adoption relies on solid governance, observability, and infrastructure trust and not just smart models.
