Re: Enquiry about TDE with PgSQL - Mailing list pgsql-general

From Greg Sabino Mullane
Subject Re: Enquiry about TDE with PgSQL
Date
Msg-id CAKAnmmKDCOdUT5JtJZz5papMO0zW1cnG4934d6aQVCQ_KdbUeg@mail.gmail.com
In response to Enquiry about TDE with PgSQL  (Ashish Mukherjee <ashish.mukherjee@gmail.com>)
Responses Re: Enquiry about TDE with PgSQL
List pgsql-general
> I would like to enquire that based on the anecdotal experience of group members, which TDE solution works best for PgSQL 17 databases.

Generally speaking, there is no "best". People use whatever vendor they happen to already use. Your best solution is to avoid TDE altogether. If you really need encryption at rest, have the OS do it. That works well (transparently, even), is very battle-tested, and has minimal performance impact. TDE, on the other hand, is a very complex and difficult thing to add into Postgres. Currently it means you are using a forked version of Postgres and are incurring overhead every time you read or write to disk.

> The scenario I have is of a large number of tables (15-20K) and some tables with 100M tuples each. The total database size is 4TB.

The size and number of tables do not really matter. How often you write WAL, and how often things move in and out of shared buffers is what matters.

Cheers,
Greg
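
One way to put numbers on the two figures the reply above says matter (WAL write rate and shared-buffer traffic), as an added example that is not part of the original message. It assumes PostgreSQL 17's cumulative statistics views `pg_stat_wal` and `pg_stat_io`, where `pg_stat_io` counts reads and writes in blocks of `block_size`.

```sql
-- Added example, not from the thread. Run on the server whose
-- encryption-at-rest overhead you are trying to estimate.
-- Assumption: PostgreSQL 17 (pg_stat_wal since 14, pg_stat_io since 16).

-- 1. How often you write WAL: total volume and average rate since the
--    WAL statistics were last reset.
SELECT wal_records,
       wal_fpi                                   AS full_page_images,
       pg_size_pretty(wal_bytes)                 AS wal_total,
       pg_size_pretty(
           round(wal_bytes /
                 GREATEST(EXTRACT(EPOCH FROM now() - stats_reset), 1))
       ) || '/s'                                 AS wal_avg_rate,
       stats_reset
FROM pg_stat_wal;

-- 2. How often pages move in and out of shared buffers: reads pull a
--    page in from disk, writes push a dirty page out, evictions count
--    pages dropped to make room. Any scheme that encrypts data files
--    does work on each read and write counted here; hits stay in memory.
SELECT backend_type,
       context,
       hits,
       reads,
       writes,
       evictions,
       pg_size_pretty(reads  * current_setting('block_size')::bigint)
                                                 AS read_volume,
       pg_size_pretty(writes * current_setting('block_size')::bigint)
                                                 AS write_volume,
       round(100.0 * hits / NULLIF(hits + reads, 0), 2)
                                                 AS hit_pct
FROM pg_stat_io
WHERE object = 'relation'
  AND (reads > 0 OR writes > 0)
ORDER BY COALESCE(reads, 0) + COALESCE(writes, 0) DESC;
```

Both views report totals since `stats_reset`, so sample them twice over a representative period and compare the difference rather than reading a single snapshot.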
