Table of contents

Introduction………………………………………………………………………………………………2

KOC Architecture………………………………………………………………………………………..2

Datacenter………………………………………………………………………………………………..2

Network Type and Technology…………………………………………………………………………3

Security Measures……………………………………………………………………………………….5

IP Addressing System……………………….…….…………………………………………………….6

Services and Applications……………………….………...…………………………………………….6

Building Design and User Distribution………………………………………………………………….6

Network Equipment……………………….…….……………………….……………………………….7

LAN and WAN Description……………………….…….……………….……………………………….7

Use of New Technologies……………………….……………………………………………………….8

Network Architecture Analysis and Recommendations……………………...……………………….8

Advantages and Disadvantages of Network Design………….……………...……………………….8

1
Introduction
Kuwait Oil Company (KOC) is a major oil and gas company in charge of exploring, drilling and
producing oil and natural gas within the State of Kuwait. KOC is a monumental figure in the
international energy landscape, and its vast operations require an equally large network
infrastructure that must be highly secured. 800+ sites connecting more than 1,000 devices that
include operational and corporate environments in this network.

Security, and dependability in the communication network and data handling/controlled

operations between its different facilities. The report, when viewed in the ranking of top 2
service providers that provides network overview including technologies used and services
available as well as per country resources breakdown even further also presents a
comprehensive list of functions performed by KOCs IP networks. It also takes into consideration
the current network architecture and offers recommendations that might further enhance it,
making sure efficiency, security & scalability can be achieved to align with KOC strategic goals.

KOC Architecture

Datacenter
The Kuwait Oil Company's data center is a wealth center, running and storing critical information
and applications. On the infrastructure side, it features advanced Cisco networking equipment,
very high-capacity servers, and robust storage at the core. This datacenter provides services
that touch both the company's internal operations and external services in a very highly
available, reliable, and secure manner. On the other hand, KOC's data center architecture
includes a redundant power supply, climate control systems, and an elaborate structure of

2
security consisting of firewalls and intrusion detection systems with physical access controls. It
will also ensure that the data center processes huge volumes of information and runs services
continuously without interruption but ensure protection from any potential threats and reduce
chances of downtime.

Network Type and Technology

Network Topologies
The network design of KOC uses two different topologies: Star and Mesh topology.

 Star Topology: A star topology is used in individual buildings and campuses, wherein all
the devices are connected to a central hub, normally a network cabinet. This layout
allows for easy management and troubleshooting of any issues that may develop within
the building.

3
  Mesh Topology: Mesh topology is used in connecting several buildings while providing
redundancy. In such a setting, each network cabinet and building is connected to a
number of the rest. Redundancy is attained through the availability of different paths that
the data may use to travel. Such a design offers increased network availability and
resilience since it allows the continuous flow of data despite a path failure.

The network architecture of the Kuwait Oil Company consists of star and mesh configurations
using the latest Cisco devices for high-reliability, efficient data flow, and a centralized form of
control with redundancy to reduce downtime. Some suggested improvements would be security

4
with AI-driven analytics, SDN for scalability, cloud integration as additional redundancy, and
QoS policies for optimized network performance. These changes would further reinforce
security, flexibility, and scalability for KOC's future needs.

Network Technology
KOC has a difficult hybrid network structure which includes various types of networking
technologies in support of its extensive operations. The major types of network technologies in
use at KOC are:

 Ethernet: At the core of the network is a technology that provides reliable, high-speed,
wire-based connections to the network: Ethernet. It provides the primary interface for
interconnecting computers, servers, and other network appliances within KOC's various
facilities and buildings.

 Fiber Optic: KOC uses fiber optic technology for both its intra-building and inter-building
communication. Fiber optic cables, both single-mode and multi-mode, find applications
where high bandwidth and long-distance transmission with efficient transfer are required.
This provides robust and secure data transfer between different KOC sites.

 WLAN (Wireless Local Area Network): WLAN is implemented to provide wireless

connectivity to KOC's facilities, in particular the administrative offices and other critical
locations such as hospitals. This setup also supports the use of mobile devices,
facilitating flexible access to the network.

 Multiprotocol Label Switching: The network is made efficient and effective with the
use of MPLS technology, which handles data traffic flow across its comprehensive
network spanning the company. It supports end-to-end circuit creation across any type
of transport media using any protocol in its transport mechanism—all of which is crucial
for KOC's complex network traffic management.

Security Measures
The Kuwait Oil Company (KOC) has implemented pretty solid security measures to protect the
network and the data. These controls include:

 Network traffic to prevent unauthorized access is managed and monitored by firewalls

and intrusion detection systems (IDS).
 To Ensure secure remote access by encrypting data in transit with the use of VPN.
 Data encryption is used to protect sensitive information both at rest and in trans
 Access control is done on a role basis where access to sensitive systems is granted
based on roles.
 They use the technique of Isolation of sensitive systems to decrease the risk inside the
system.

Kuwait Oil Company (KOC) ensures network security by controlling everything from the main
data center to individual workstations, using their own fiber connections. This setup allows KOC
to manage and protect the entire network, safeguarding data and operations from external
threats.

5
They also have a Security Operations Center (SOC) that operates 24/7, both on-site and
remotely, to monitor the network for potential security threats. The SOC promptly alerts the
company in case of suspicious activities, enabling timely actions to protect their systems and
data.

IP Addressing System
Kuwait Oil Company uses IPv4 for their infrastructure's addressing. They have a range all to
themselves for IP addresses: 193.188.160.1/19. This gives them over 8,000 reserved IP
addresses that they are using in operating their internal and external communications all across
the network.

Services and Applications

KOC supports various critical services, such as:

 Corporate Communications such as E-mail, IP phone calls, internal application servers

for HR and other corporate functions.

 Operational Systems are well monitoring and controlling systems for oil operations.

 They provide data center services like hosting applications, storing data, balancing loads
for high-availability websites, and applications.

 This will provide one-stop access to the integration of Hospital's X-ray services and other
vital applications in healthcare systems.

At present, KOC does not host any applications on the public cloud. However, plans are
underway in collaboration with Google to have three data centers established within Kuwait.
This potentially shows the future adoption of cloud computing and storage technologies. The
intention of this collaboration is to tap into Google's infrastructure to benefit KOC's network
capabilities. The details of this integration are, however not yet discussed.

Building Design and User Distribution

Network design and distribution of Kuwait Oil Company are arranged in accordance with their
extensive operations which includes building distributions like:

 Large buildings such as corporate offices and data centers, which have lots of network
devices with a large user endpoint.

 Remote Sites comprises operation sites across Kuwait, each equipped with its own
network setup.

 User Density is building dependent where there are hundreds of users in large offices,
tens in smaller sites or specialized buildings, such as hospitals.

6
Network Equipment
KOC has a range of Cisco equipment, including:

 Core Switches: Cisco Nexus 9000 series.

 Distribution Switches: Cisco Catalyst 6500-E series.
 Access Switches: Various models, including Cisco Catalyst WS-C2960G.
 Routers: ISP-provided routers for external connectivity.

LAN and WAN Description

LAN (Local Area Network):
 LAN Contains the devices/ systems used within KOC premises like computers, printers,
and servers. In the organization we can make use of a star and mesh topology mix. In
the existing hardware, it may use the cisco make access switches, distribution switches,
and core switches. People and group communications and transfer of data internally
between employees and systems.

7
WAN (Wide Area Network):
 WAN fixes the services to the systems from outside the local network / Organization. It
Includes Internet connections and is communicating to KWAN (K-Companies Wide Area
Network) and KIN (Kuwait Internal Network). The WAN is used for the purpose of
communications support to KOC and KPC companies and the government ministries
and departments. It is also capable of giving a Data Exchange opportunities with the
internet.

Use of New Technologies

KOC is keeping new technologies in its future plan, in consideration with cloud computing and
virtual networking. KOC are in discussion with Google about collaboration on cloud services.

Network Architecture Analysis and

Recommendations
KOC's current network architecture provides high security, availability, and reliability. Areas
where improvement can be made are as follows:

 Virtual Networking is used to reduce dependency on hardware and improve scalability.

 Multi-vendor approach would reduce costs and increase flexibility.

 Multi-security zones is for the improvement of internal security through division into
network areas.

Advantages and Disadvantages of Network

Design
Advantages
 Security: The network division of operational systems and corporate communication
enhances security since the chances of accessing critical operational systems become
limited as they are not on the same network with general corporate networks.

 Redundancy and Availability: Mesh topology uses multiple routes for data
transmission, increasing network availability. In case one link fails, it can use different
paths to maintain ongoing communication without any interruptions or loss of time.

 Scalability: A mixed design including star and mesh structures allows for easy
expansion. The existing network infrastructure can easily accommodate new devices
and buildings in case KOC decides to grow its operation without major overhauls.

 Resource Independence: Faults in one part of a segmented system do not affect other
parts. This independence enables trouble-shooting and maintenance efforts to be

8
 concentrated within a particular zone without causing total collapse of the whole
network.

 Centralised Management: Through central deployment of MPLS among other

technologies, the management and monitoring of networks has been made more
efficient. It simplifies life for network administrators by making them run various kinds of
network elements more easily and optimises traffic so that users have

Disadvantages
 Cost: Setting up a highly secure and redundant network design comes at a high price.
Planning for individual infrastructures for operational and corporate networks, besides
high-end components like fiber optics and advanced switches, further adds to the overall
cost.

 Complexity of Maintenance: Running a network with multiple topologies and

technologies is complex. The requirement of specialised knowledge and skills to
maintain and troubleshoot the network infrastructure may be challenging and could
result in higher operational costs and continuous staff training.

 Resource Duplication: Segmentation of the operations and corporate networks can

lead to duplication of resources. There may be distinct hardware and software
components required for each of these networks, some of which could have been
utilised much more efficiently had they been shared. This duplication improves security
but brings about the disadvantage of underutilised resources, resulting in higher capital
expenditure.

 Scalability Limitations: Although the network is designed to be scalable, it is very

vulnerable to the addition of new devices and network infrastructure expansion. Some of
the physical limitations to scalability include a lack of fiber optic lines and an overload of
existing equipment in the network structure, all of which are very expensive to upgrade.

 Operational Overhead: The need for constant monitoring and management of the
network, especially due to the integration of enhanced security features, increases
operational overhead. This would involve investments in a Security Operations Center
and deployment of an all-round network management solution.

9
_____________________________________________________________________________________

10