The visitor cookies is our source of truth when it comes to the analytics session recognition. The _pk_ses.* cookie is just an addition used to calculate some of the engagement reports (I explained it in the other thread).
The call: _paq.push(["setUserIsAnonymous", true]); translates directly to the tracker HTTP api param uia=1. It drops the IP address and limits the geolocation to country level. In the future, we plan to add more control, to be able to disable Session ID via tracker param. For now it can be disabled only globally via Site&app settings. While double checking that I noticed that docs are inconsistent in some cases. We plan to fix that asap.
We always rely on the visitor cookie. Our anonymous tracking mode that relies on cookies, limits its lifetime to 30 mins. The whole process of setting it up is much easier when our Tag Manager is used. Nevertheless, having all that context, you should be able to set it up.
Side note: we never set the cookie expiration to “session”.