Configuring an external Web Application Firewall (Akamai) in PaaS

Issue

Configuration of the external Web Application Firewall (Akamai) with Liferay Cloud comes under a third-party application and Liferay Support is limited in assisting with it.
However, the following pointers may help you to get a basic idea:
1. Akamai (or any external WAF) will reside completely outside Liferay's infrastructure and will be managed by you only.
2. The flow of requests from users would be like this: DNS (Domain) → Akamai (or any external WAF) → redirect to Ingress Load Balancer IP: 34.x.x.x
3. You need to configure your DNS records (domains) to point to your Akamai services and the certificate for that domain would be configured over Akamai only.
4. Liferay's outer load balancer (also known as Ingress) has to be configured to get responses from Akamai.
5. Liferay's end (Ingress) must be configured in such a way that it will only accept requests coming from Akamai.