The recommended pattern is to combine controlled timeout settings ‘warning before expiry’ and ‘frequent save/resume’ so that timeout does not equal data loss.
In Pega, timeout behaviour can be driven either by access group/authentication service or by the external app server/auth service, so in your Liferay + IdP + PegaCloud setup you need to confirm which layer is actually enforcing the timeout first.
Because users authenticate through your IdP and the web tier is Liferay, the timeout may not be controlled only by Pega.
For user experience add a session-expiry warning before timeout. Pega supports warning-message customization for timeout scenarios.
For timeout control, review the Access Group authentication timeout, Authentication Service setting
My recommendation would be to align the timeout settings across those layers, add a client-side warning/countdown, and implement draft/autosave/resume for the submission. That gives a safer and more upgrade-friendly solution than trying to keep guest sessions alive for a long time