AnyConnect for Yosemite Mac OS X 10.10 prompts for access to System Keychain

sasalo0001
Level 1

Yosemite 10.10 & Cisco AnyConnect Secure Mobility Client version 3.1.07021

 

System prompt whenever AnyConnect launches to connect to VPN:

'OS X wants to make changes. Type an administrator's name and password to allow this.  OS X wants to use the "System" keychain.'

 

If I enter credentials and press Allow, the prompt comes back at least two more times before a connection is made. If I click Deny, the prompt repeats but eventually goes away and allows a connection without authenticating for the "System" keychain. While I can easily work around this by clicking Deny, I would prefer to resolve this for the end users.

 

The same occurs under the guest account.

I have uninstalled and reinstalled several times, and tried the different versions of AnyConnect that are currently available for me to use here.

I had changed the permissions on the /Library/Keychains/System.keychain and that did not resolve the issue.

I had modified the permissions on private keys in the system keychain and that did not resolve the issue.

 

I started from scratch with a fresh 10.10 build, and the issue persists.

 

 

10 Replies

sasalo0001
Level 1

Also tried other versions and experienced the same issue.

3.1.05187

3.1.06078

Update: I got this to work without issue on two MacBook Airs with a fresh build of Yosemite using a boot key I created following the Apple KB for that. One is a brand new 2015, the other is a 2013.

Still having an issue with the mid 2012 MacBook Pro, which was the Mac I was trying to create my base image on, which suggests to me that when I created the image on it I transferred the issue to the other models.

Cisco Support has evaluated files and logs I sent to them and said the following: "I checked the Dart that you sent and it looks okay there is no issue with the AnyConnect client I believe it is an issue with the Mac itself."

I have found that once I have responded to the popups they do not reappear until the Mac is restarted. So I can log out and log back in without seeing them, I can shut down and power back up, and sleep the Mac without having to respond to the prompts. Restarting the Mac results in the popups returning again.

I rebuilt all of the Macs I have today, 1 MacBook Pro and 3 MacBook Airs. All of them have this popup today.

They were all built following the same process:
Built fresh with Yosemite 10.10.3
Admin account created
Joined the domain
Network Managed account created and made admin
Installed Cert, Applications, and profiles
Turned off our wifi, and connect to DSL line (802.1x) to test VPN. (I also found a DSL line without 802.1x and this issue still persists.)

Created new local user profiles, one Admin and one Standard; the issue persists for both of them. (It worked at first, but after a reboot the popups appeared.)

 

Also tried deleting my user account (delete user folder selected) and recreating the account but the issue again persists.

I have given every item in the System Keychain full access so that any application can access any item in the System Keychain. I have also unlocked the System keychain. Neither of these has had any effect on the issue yet; the popups continue.

I think I may be on to something with this issue:

 

The Macs that do have the issue, directly following the install of Yosemite, have duplicate entries of everything Kerberos related in the System Keychain.

 

Please see the images below. The top image is from a Mac that has the AnyConnect popups, the bottom is from a Mac without the popups directly after Yosemite is loaded. Both Macs were built using the exact same methods.

 

If I remove duplicate Kerberos entries in the System keychain on the affected Mac it appears to resolve the issue, but I am rebuilding to test again.

 

[Inline image 1] [Inline image 2]

Confirmed on two more builds: removing the first certificate, public, and private keys for Kerberos resolves the issue. Still leaving the second version of each behind.

 

If you remove the second certificate, public, and private keys for Kerberos the issue persists, but removing the first one of each of these has resolved my issues with AnyConnect asking for access to the System Keychain.

sasalo0001  

Is this fix still in effect or have you discovered anything else?

This is still the case. We are still on the same version of AnyConnect, and still required to use Yosemite due to software that isn't compatible with El Capitan yet.
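
The thread traces the prompts to duplicate Kerberos entries in the System keychain. As an added example that is not part of any post above, the following Python sketch flags certificate labels that occur more than once in the output of `security find-certificate -a`, so a freshly built Mac can be checked before imaging; it covers certificates only, and the embedded sample and its labels are constructed placeholders.

```python
import re
import subprocess
from collections import Counter

SYSTEM_KEYCHAIN = "/Library/Keychains/System.keychain"

# Constructed sample in the layout `security find-certificate -a` prints.
# The labels are hypothetical placeholders, not values from the thread.
SAMPLE_DUMP = '''\
keychain: "/Library/Keychains/System.keychain"
version: 256
class: 0x80001000
attributes:
    "alis"<blob>="example.kerberos.kdc"
    "labl"<blob>="example.kerberos.kdc"
keychain: "/Library/Keychains/System.keychain"
version: 256
class: 0x80001000
attributes:
    "alis"<blob>="example.kerberos.kdc"
    "labl"<blob>="example.kerberos.kdc"
keychain: "/Library/Keychains/System.keychain"
version: 256
class: 0x80001000
attributes:
    "alis"<blob>="example.vpn.client"
    "labl"<blob>="example.vpn.client"
'''

# A label is printed either as "text" or as 0xHEX followed by "text".
LABEL_RE = re.compile(r'^\s*"labl"<blob>=(?:0x[0-9A-Fa-f]+\s+)?"(.*)"\s*$')

def certificate_labels(dump_text):
    """Return the label of each certificate record that has one, in order."""
    labels = []
    for line in dump_text.splitlines():
        match = LABEL_RE.match(line)
        if match:
            labels.append(match.group(1))
    return labels

def duplicate_labels(dump_text):
    """Map each label that occurs more than once to its count."""
    counts = Counter(certificate_labels(dump_text))
    return {label: n for label, n in counts.items() if n > 1}

if __name__ == "__main__":
    # On a Mac, read the real System keychain instead of the sample.
    dump = subprocess.run(["security", "find-certificate", "-a", SYSTEM_KEYCHAIN],
                          capture_output=True, text=True, check=True).stdout
    for label, n in sorted(duplicate_labels(dump).items()):
        print(f"{n} certificates share the label {label!r}")
```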