Residential ISPs today have limited device-level visibility into subscriber houses, primarily due to network address translation (NAT) technology. The continuous growth of "unmanaged" consumer IoT devices combined with the rise of work-from-home makes home networks attractive targets for cyber-attacks. Volumetric attacks sourced from a distributed set of vulnerable IoT devices can impact ISPs by deteriorating the performance of their network, or even making them liable for being a carrier of malicious traffic. This paper explains how ISPs can employ IPFIX (IP Flow Information eXport), a flow-level telemetry protocol available on their network, to infer connected IoT devices and ensure their cyber health without making changes to home networks. Our contributions are threefold: (1) We analyze near three million IPFIX records of 26 IoT devices collected from a residential testbed over three months and identify 28 features, pertinent to their network activity and services, that characterize the network behavior of IoT devices – we release our IPFIX records as open data to the public; (2) We develop a multi-class classifier to infer the presence of certain IoT device types in a home network from NATed IPFIX records. We also develop a Trust metric to track network activity of detected devices over time; and, (3) We evaluate the efficacy of our inferencing method by applying the trained classifier to IPFIX traces which yields an average accuracy of 96% in detecting device types. By computing a temporal measure of trust per each device, we highlight (on our testbed) a permanent behavioral change in third of devices as well as some intermittent behavioral changes in others.