You may be using JavaScript to make a request to an external website. When you do this you have to use the sbmproxy to avoid cross site scripting issues but depending on your needs you might not want the SSO token to be included in the header of the request you're going to. A good example where you might not want the SSO token included might be when making a rest call to another Serena product that uses SSO.
Customers often use this change to create a notice that the system is a TEST or Development environment. Government customers can also use this for system classification notifications. Note that only one header and footer are allowed per server, and they are not specific to a particular user or group.
Changing of SBM templates is not supported and is generally discouraged unless the modifier has an extensive knowledge of the product's browser architecture. However, you can customize the look and feel of the application engine such as modifying the page logo.