diff --git a/ansible/roles/firewall/templates/main.conf.j2.j2 b/ansible/roles/firewall/templates/main.conf.j2.j2
index 99a5188d..7f2913f6 100644
--- a/ansible/roles/firewall/templates/main.conf.j2.j2
+++ b/ansible/roles/firewall/templates/main.conf.j2.j2
@@ -122,10 +122,10 @@ mv_depth=4
 mv_width=13660
 timestemp=5
 min_report_threshold=150
-tcp_flood_thresh="0.0008"
-udp_flood_thresh="0.0008"
-icmp_flood_thresh="0.0008"
-dns_flood_thresh="0.0008"
+tcp_flood_thresh="{{ ddossketch.tcp_flood_report_thresh }}"
+udp_flood_thresh="{{ ddossketch.udp_flood_report_thresh }}"
+icmp_flood_thresh="{{ ddossketch.icmp_flood_report_thresh }}"
+dns_flood_thresh="{{ ddossketch.dns_flood_report_thresh }}"
 
 {% if PROFILE_ID == '9000-NPB-P01R01' %}
 [TRAFFIC_MIRROR]
diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01
index 60f257e9..6b493d11 100644
--- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01
+++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01
@@ -22,6 +22,10 @@ wannat:
 
 ddossketch:
   enable: 1
+  tcp_flood_report_thresh: 0.0008
+  udp_flood_report_thresh: 0.0008
+  icmp_flood_report_thresh: 0.0008
+  dns_flood_report_thresh: 0.0008
 
 app:
   identify_by:
diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01
index 52c59f4b..cb0aac49 100644
--- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01
+++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01
@@ -21,6 +21,10 @@ wannat:
 
 ddossketch:
   enable: 1
+  tcp_flood_report_thresh: 0.0008
+  udp_flood_report_thresh: 0.0008
+  icmp_flood_report_thresh: 0.0008
+  dns_flood_report_thresh: 0.0008
 
 app:
   identify_by: