Thanks for your response. It was in fact set to cookie at first -- that doesn't seem very safe to me! I now have it set to database.
I'm guessing that 'native' means that the PHP server will use the default php session-handling functionality that stores session data in the /tmp folder as flat files. It's my understanding that this can contribute to performance problems when the server gets busy.