We did some encryption testing a while back because a client wanted at-rest encryption. Hardware solutions between the storage and sql server seem to have the least impact on data delivery, while software solutions eat up mega cpu cycles.
There was one product that used a card to do the hardware encryption, but also had software installed as a backup in case of h/w failure so it could at least limp along until the h/w could be replaced.
Either way, there will be some performance loss. How much depends on your system(s). The vendors were more than willing to give us test time.
-- This is all just a Figment of my Imagination --