VMware Cloud Community
NeenaJim
Enthusiast

vSphere Encryption and vSAN Encryption

Can someone please share the Pros and Cons of vSphere Encryption and vSAN Encryption

Accepted Solutions
maksym007
Expert

Find all the needed info here:

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-8D7D09AC-8579-4A3...

It depends on how exactly you want to encrypt VMs: with a KMS server or via TPM modules.

KMS - does not require additional hardware.

TPM modules do, and they come in different generations: 1.2 / 2.0.

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-3D39CBA6-E5B2-43E...

This is only a very general look.


MJMVCIX
Enthusiast

vSphere Encryption can be applied on a per VM basis whereas vSAN Encryption will encrypt the whole vSAN Datastore and therefore every VM.

vSAN Encryption - Increased guest VM latency may be observed as a result of writing to the storage devices. The encryption process occurs as the data is written to the write buffer, and since vSAN will not send the write acknowledgment back to the VM until the synchronous write is completed in the buffer, this may translate to higher latency as viewed by guest VM latency. The destaging process also must decrypt and re-encrypt the data as it is destaged to the capacity tier. While this process does not directly impact guest VM latency, it can slow down the destaging process, which under higher loads or hardware insufficient to handle that demand, could indirectly increase latency on the VM.

You are likely to see something similar to the above with vSphere Encryption; however, you can enable it per VM, which lets you be granular in your selection, so you could, for example, encrypt all VMs apart from high-performance, low-latency VMs.

Also with vSAN Encryption you would need vSAN Enterprise licence for each CPU. vSphere Encryption would not need vSAN Enterprise.
