NetDrift

NetDrift is a desktop + web app for small-to-mid IT teams that need practical traffic analysis without running a full-blown SIEM. It passively ingests NetFlow/sFlow/IPFIX from routers, switches, and firewalls, then builds a baseline of “normal” traffic by site, VLAN, and critical apps. When patterns drift—new external destinations, unusual east-west spikes, DNS anomalies, or data egress—NetDrift flags it with plain-language explanations and a short investigation checklist. It focuses on fast triage: who talked to whom, when it changed, and what to check next. Reports are designed for non-specialists: weekly drift summaries, top talkers, and “newly seen” services. This is not a magic threat detector; it’s a pragmatic change-detection layer that helps teams spot misconfigurations, shadow IT, and early compromise signals with minimal tuning and no packet payload storage.